Biometria behawioralna i “tradycyjna“ w mobilnych usługach bankowych - stan oraz przyszłe możliwości zastosowania

• Authors: Piotr Kałużny , Piotr Stolarski

Title variants

EN

Behavioral and traditional biometrics in mobile financial services – current state and future outlook

Abstracts

EN

The article characterizes traditional (physical) and behavioral biometrics methods, which can be applied in authentication procedures in banking on mobile devices. Moreover, the model of authentication with the use of behavioral biometric methods was presented. Such model may be used in the future banking applications. A wide overview of authentication methods in banking is presented in the article, including current state of the mobile payment market and a summary of the most important concepts and ideas connected with the authentication methods used in information systems. The text also presents practical implications resulting from the use of behavioral methods in the financial sector and the discussion over the example scenarios of proposed methods.

PL

W artykule scharakteryzowano tradycyjne (fizyczne) i behawioralne metody biometryczne, możliwe do wykorzystania w procesach uwierzytelniania w bankowości w urządzeniach mobilnych. Zaproponowano model uwierzytelniania za pomocą biometrii behawioralnej, który może zostać wdrożony w sektorze usług finansowych. Dokonano też analizy metod uwierzytelniania w bankowości, ze szczególnym uwzględnieniem metod zabezpieczeń wykorzystywanych w systemach informatycznych. Scharakteryzowano również stan rynku usług płatności mobilnych. Wreszcie wskazane zostały praktyczne implikacje zastosowania metod biometrycznych w usługach bankowych wraz z dyskusją przykładowych scenariuszy stosowania metod biometrii behawioralnej.

Keywords

PL

biometria; biometria behawioralna; uwierzytelnianie; bankowość; aplikacje mobilne; bankowość elektroniczna; bankowość mobilna

EN

biometrics; behavioral biometrics; authentication; banking; mobile applications; e-banking; mobile banking

• Publisher: Bankowy Fundusz Gwarancyjny
• Journal: Bezpieczny Bank
• Year: 2019
• Volume: 74
• Issue: 1
• Pages: 139-161

Dates

published

2019

Contributors

author

Piotr Kałużny

• Uniwersytet Ekonomiczny w Poznaniu

• https://orcid.org/0000000231539485

author

Piotr Stolarski

• Uniwersytet Ekonomiczny w Poznaniu

• https://orcid.org/0000000170762316

References

• Alotaibi, S., Furnell, S., & Clarke, N. "Transparent authentication systems for mobile device security: A review." Internet Technology and Secured Transactions (ICITST), 2015 10th International Conference for. IEEE, 2015, pp. 406–413.
• Alzubaidi, A., & Kalita, J. „Authentication of smartphone users using behavioral biometrics”. W: IEEE Communications Surveys & Tutorials 18.3 (2016), pp. 1998–2026.
• Bailador, G. i in. „Analysis of pattern recognition techniques for in-air signature biometrics”. W: Pattern Recognition 44.10-11 (2011), pp. 2468–2478.
• Banerjee, S. P., & Woodard, D. L. „Biometric authentication and identification using keystroke dynamics: A survey”. W: Journal of Pattern Recognition Research 7.1 (2012), pp. 116–139.
• Blanco-Gonzalo R. i in. “Handwritten signature recognition in mobile scenarios: Performance evaluation,” in 2012 IEEE International Carnahan Conference on Security Technology (ICCST), 2012, pp. 174 –179.
• Bo C. i in. „Continuous user identification via touch and movement behavioral biometrics”. W: Performance Computing and Communications Conference (IPCCC), 2014 IEEE International. IEEE. 2014, pp. 1–8.
• Bo C. i in. „Silentsense: silent user identification via touch and movement behavioral biometrics”. W: Proceedings of the 19th annual international conference on Mobile computing & networking. ACM. 2013, pp. 187–190.
• Bolle R. M i in. Guide to biometrics. Springer Science & Business Media, 2013.
• Buriro, A. i in. „Itsme: Multi-modal and unobtrusive behavioural user authentication for smartphones”. W: International Conference on Passwords. Springer. 2015, pp. 45–61.
• Braz, C., & Robert, J. M. “Security and usability: the case of the user authentication methods”. IHM, 2006, Vol. 6, pp. 199-203.
• Cegiełko Sz. „Kultura użytkowa zabezpieczeń biometrycznych klientów banków w Polsce na podstawie sondażu internetowego”. W: Bezpieczny Bank 3 (72) (2018), pp. 164 - 184. DOI: 10.26354/bb.8.3.72.2018
• Czyżewski, A i in. “Analysis of results of large-scale multimodal biometric identity verification experiment”. IET Biometrics, 2018, 8(1), pp. 92-100.
• Damaševicius, R. i in. „Smartphone user identity verification using gaitˇ characteristics”. W: Symmetry 8.10 (2016), p. 100.
• Deb, Debayan, et al. "Actions Speak Louder Than (Pass) words: Passive Authentication of Smartphone Users via Deep Temporal Features." arXiv preprint arXiv:1901.05107 (2019).
• Fridman, L. i in. „Active authentication on mobile devices via stylometry, application usage, web browsing, and GPS location”. W: IEEE Systems Journal 11.2 (2017), pp. 513–521.
• Giuffrida, C. i in. „I sensed it was you: authenticating mobile users with sensor-enhanced keystroke dynamics”. W: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment. Springer. 2014, pp. 92–111.
• Guerra-Casanova J. i in. „Authentication in mobile devices through hand gesture recognition”. International Journal of Information Security 11.2 (2012), pp. 65–83.
• Hoang T. i Choi D. „Secure and privacy enhanced gait authentication on smart phone”. W: The Scientific World Journal 2014 (2014).
• Hosseini, Seyedehzahra. "Fingerprint vulnerability: A survey." 2018 4th International Conference on Web Research (ICWR). IEEE, 2018.
• Imgraben J., Alewyn E. i Kim-Kwang Raymond Choo. „Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users”. W: Behaviour & Information Technology 33.12 (2014), pp. 1347–1360.
• Jain A., L. Hong i S. Pankanti. „Biometric identification”. W: Communications of the ACM 43.2 (2000), pp. 90–98.
• Jain, Anil K., Ruud Bolle, and Sharath Pankanti, eds. “Biometrics: personal identification in networked society.” Vol. 479. Springer Science & Business Media, 2006.
• Kałuzny P. „Behavioural Profiling Authentication Based on Trajectory Based Anomaly Detection Model of User’s Mobility”. W: International Conference on Business Information Systems. Springer. 2017, pp. 242–254.
• Karnan M., M. Akila i N. Krishnaraj. „Biometric personal authentication using keystroke dynamics: A review”. W: Applied Soft Computing 11.2 (2011), pp. 1565–1573.
• Kindt E. J. „An Introduction into the Use of Biometric Technology”. W: Privacy and Data Protection Issues of Biometric Applications. Springer, 2013, pp. 15– 85.
• Li F.i in. „Active authentication for mobile devices utilising behaviour profiling”. W: International journal of information security 13.3 (2014), pp. 229– 244.
• Li F.i in. „Behaviour profiling for transparent authentication for mobile devices”. W: European Conference on Cyber Warfare and Security. Academic Conferences International Limited. 2011, p. 307.
• Li L., Zhao X. i Xue G. „Unobservable re-authentication for smartphones.” W: NDSS. 2013, pp. 1–16.
• Martinez-Diaz M. i in. „Mobile signature verification: Feature robustness and performance comparison”. W: IET Biometrics 3.4 (2014), pp. 267–277.
• Meng W. i in. „Surveying the development of biometric user authentication on mobile phones”. W: IEEE Communications Surveys & Tutorials 17.3 (2015), pp. 1268–1293.
• Patel, V. M., N. K. Ratha i R. Chellappa. „Cancelable Biometrics: A review”. W: IEEE Signal Processing Magazine 32.5 (2015), pp. 54–65. ISSN: 1053-5888. DOI: 10.1109/MSP.2015.2434151.
• Patel V. M. i in. „Continuous user authentication on mobile devices: Recent progress and remaining challenges”. W: IEEE Signal Processing Magazine 33.4 (2016), pp. 49–61.
• Piekarczyk M i M. R. Ogiela. „On using palm and finger movements as a gesture-based biometrics”. W: Intelligent Networking and Collaborative Systems (INCOS), 2015 International Conference on. IEEE. 2015, pp. 211– 216.
• Primo A. i in. „Context-aware active authentication using smartphone accelerometer measurements”. W: Computer Vision and Pattern Recognition Workshops (CVPRW), 2014 IEEE Conference on. IEEE. 2014, pp. 98–105.
• Radha N. i S..Karthikeyan. „An evaluation of fingerprint security using noninvertible biohash”. W: International Journal of Network Security & Its Applications (IJNSA) 3.4 (2011).
• Raja, K. B. i in. „Multi-modal authentication system for smartphones using face, iris and periocular”. W: Biometrics (ICB), 2015 International Conference on. IEEE. 2015, pp. 143–150.
• Roy, Aditi, et al. "Evolutionary methods for generating synthetic masterprint templates: Dictionary attack in fingerprint recognition." 2018 International Conference on Biometrics (ICB). IEEE, 2018.
• Saeed Khalid. „Biometrics principles and important concerns”. W: Biometrics and Kansei Engineering. Springer, 2012, pp. 3–20.
• Saevanee H. i in. „Continuous user authentication using multi-modal biometrics”. W: computers & security 53 (2015), pp. 234–246.
• Staszczyk M. „Ochrona konsumentów korzystających z usług bankowosci elektronicznej na przykładzie ankiety przeprowadzonej wśród osób pracujących i/lub studiujących w Łodzi”. W: Bezpieczny Bank 1 (62) (2016), pp. 149– 164.
• Tresadern P. i in. „Mobile biometrics (mobio): Joint face and voice verification for a mobile platform”. W: IEEE pervasive computing (2012).
• Urban A. i T. Woszczynski. „Biometryczne uwierzytelnianie klienta w oddziale bankowym”. W: Gazeta Bankowa 4 (2012), pp. 86–87.
• Wójtowicz A. i K. Joachimiak. „Model for adaptable context-based biometric authentication for mobile devices”. W: Personal and Ubiquitous Computing 20.2 (2016), pp. 195–207.
• Woo R. H, A. Park i T. J. Hazen. „The MIT mobile device speaker verification corpus: data collection and preliminary experiments”. W: Speaker and Language Recognition Workshop, 2006. IEEE Odyssey 2006: The. IEEE. 2006, pp. 1–6.
• Yang L. i in. „Unlocking smart phone through handwaving biometrics”. W: IEEE Transactions on Mobile Computing 14.5 (2015), pp. 1044–1055.
• Zakonnik Ł. i Czerwonka P.. „PŁATNOSCI MOBILNE W POLSCE– ANALIZA SWOT.” W: Studia i Materialy Polskiego Stowarzyszenia Zarzadzania Wiedza/Studies & Proceedings Polish Association for Knowledge Management 71 (2014).
• Zou L., Qianhua H. i Xiaohui F. „Cell phone verification from speech recordings using sparse representation”. W: Acoustics, Speech and Signal Processing (ICASSP), 2015 IEEE International Conference on. IEEE. 2015, pp. 1787– 1791.
• Związek Banków Polskich, „Biometria w bankowości i administracji publicznej”, Warszawa (2009).
• Androidauthority.com. Penetracja rynkowa smartfonów z czujnikami linii papilarnych 2018. https://www.androidauthority.com/2018-smartphones-fingerprint-sensors-803905/. [Online; 10.09.2018].
• Boczoń W. Bankier.pl. Biometria w bankowości. Co za jej pomocą załatwimy dziś w banku? https://www.bankier.pl/wiadomosc/Biometria-wbankowosci-Co-za-jej-pomoca-zalatwimy-dzis-w-banku7542743.html. [Online; 10.09.2018].
• Bkav „Bkav’s new mask beats Face ID in "twin way": Severity level raised, do not use Face ID in business transactions” http://www.bkav.com/d/top-news/ /view_content/content/103968/bkav%EF%BF%BDs-new-mask-beats-face-id-in-twin-way-severity-level-raised-do-not-use-face-id-in-business-transactions. [Online; 10.03.2019]
• DigiTimes. Penetracja rynkowa smartfonów z czujnikami linii papilarnych 2018. http://www.digitimes.com/news/a20160818PD208.html [Online; 10.09.2018].
• Mastercard. Raport Mastercard Bankowość mobilna - trendy i wyróżniki oferty w Polsce i na świecie http://konferencje.alebank.pl/wp-content/uploads/2017/06/PM.Bankowosc-mobilna.Adam_.Splawski.Mastercard.pdf [Online; 10.09.2018].
• Narodowy Bank Polski (NBP). Informacja o rozliczeniach pieniężnych i rozrachunkach międzybankowych w III kwartale 2017 r. https://www.nbp. pl/systemplatniczy/publikacje/2017_3.pdf?v=20171023 [Online; 10.09.2018].
• PwC. Mobile Payment Report 2017. https://www.pwc.de/mobilepayment. [Online; 10.09.2018]
• Statista.com. Penetracja rynkowa smartfonów z czujnikami linii papilarnych 2018. https://www.statista.com/statistics/522058/global-smartphone-fingerprint penetration/ [Online; 10.09.2018].
• Telesign, Lawless Research. Beyond the Password: The Future of Account Security. https://www.telesign.com/wp-content/uploads/2016/06/Telesign-Report Beyond the Password-June-2016-1. pdf. [Online; 10.09.2018].
• Thakkar, Danny. Top Five Biometrics: Face, Fingerprint, Iris Palm, and Voice. Ed. by bayometric.com. https://www.bayometric.com/biometricsface-finger-iris-palm-voice/. [Online; 10.09.2018].
• TrendForce. Penetracja rynkowa smartfonów z czujnikami linii papilarnych 2018. https://press.trendforce.com/press/201801113049.html [Online; 10.09.2018].
• Uryniuk. J. Ąlior, ING i SGB wycofują z oferty płatności mobilne NFC. Usługa będzie dostępna już tylko w dwóch bankach". https://www.cashless. pl/wiadomosci/platnosci-mobilne/2174-alior-ing-isgb-wycofuja-z-oferty-platnosci-mobilne-nfc-uslugabedzie-dostepna-juz-tylko-w-dwoch-bankach [Online; 10.09.2018].
• Visa - Digital Payments Study 2017. https://www.visa.pl/o-nas/ aktualnosci/upowszechnienie-pieniadza-mobilnego-wpolsce-77-percent-badanych-uzywa-smartfonow-dobankowania-i-codziennych-platnosci-2190949. [Online; 10.09.2018].
• Visa. Visa - Digital Payments Study 2017 ikonografika. https://www.visa. pl/o-nas/aktualnosci/infografika-digital-paymentsstudy-2017-71231. [Online; 10.09.2018].
• Visa. European consumers ready to use biometrics for securing payments 2017. https://www.visaeurope.com/newsroom/news/european-consumers-ready-for-biometrics. [Online; 10.09.2018].

Identifiers

DOI

10.26354/bb.7.1.74.2019

Biblioteka Nauki

2035103