Review Article

Novel Journal of Applied Sciences Research

Cybersecurity in Biometric Authentication

Sampath Talluri*
Department of Computer Science, Western Michigan University, 1903 W Michigan Ave, Kalamazoo, MI 49008

*
Corresponding author: Sampath Talluri, Department of Computer Science, Western Michigan University, 1903 W Michigan Ave,
Kalamazoo, MI 49008.

Submitted: 27 March 2024 Accepted: 02 April 2024 Published: 10 April 2024

Citation: Sampath Talluri (2024) Cybersecurity in Biometric Authentication. Nov Joun of Appl Sci Res, 1(2), 01-05.

Abstract
Biometrics is the study and application of unique individual features, whether physical or behavioral, integrated for
measurement or analysis to ensure security. Fingerprints, iris patterns, facial features, speech patterns, hand geome-
try, and behavioral aspects such as typing speed, rhythm, and stride are examples of such characteristics. Biometrics
are most typically employed for identification and authentication because of their capacity to reliably distinguish
individuals based on their unique characteristics. Because biometrics may make many systems and procedures more
secure, they are an absolute must-have for cybersecurity professionals. Using biometrics for identity verification and
multi-factor authentication can assist with defense-in-depth, commonly known as layers of security.

Keywords: Cybersecurity, Biometric Authentication, Fingerprints, Iris Patterns, Facial Features, Speech Patterns, Hand Geometry

Introduction When it involves securing our on-line world from the steady
Background danger posed by way of hackers and different antagonistic ac-
With the increasing digitization of the society and their daily tors, conventional protection approaches are inadequate. Bio-
lives, there has never been a more critical time in the society for metrics enhances our security features by leveraging wonderful
integrating cyber security [1]. With the increased advent of dig- behavioral and physical features.
italization, the cyber threats are also increasing on a high pace.
Cybercriminals and hackers are always honing their craft to ex- In a global where personal identity numbers (PINs) and pass-
ploit new holes in the systems and steal sensitive information. words are the norm, biometrics offer a novel solution. Unlike
They are continually expanding their powers. Biometric cyber conventional authentication strategies that rely upon passwords
security outperforms more traditional, ineffective security solu- or protection tokens, biometrics leverage a person's unique
tions. physiological or behavioral capabilities. This is an assessment
of traditional identification verification approaches.
Biometric solutions that use cutting-edge biometric technology
have made it easier than ever before to protect digital assets [1]. Despite its several benefits, biometric generation does have
Voice recognition, fingerprint scanning, and facial recognition positive downsides. Researchers and builders are continuously
are just a few of the unique biological and behavioral character- improving biometric technologies to address flaws and growth
istics that these systems use to verify identities and grant access. security. Adding biometrics to multi-element authentication
Bad actors' constant attacks on cybersecurity render traditional (MFA) systems that already employ different authentication ele-
security processes ineffectual. Biometrics enhances our securi- ments, which include passwords or tokens, improves safety and
ty measures by leveraging distinct behavioral and physical fea- reduces the chance of potential risks. Cybersecurity is presently
tures. doing research and improvement in a whole lot of fields, along
with biometric statistics, privateness and information security,
Biometrics is a means of precisely identifying a person primar- and other associated issues. To resolve those issues and maintain
ily based on physiological and behavioral factors which include the integrity and secrecy of the biometric authentication pro-
their face, fingerprints, voice, or different traits. On the other cedure, efforts are ongoing to improve encryption, maintain a
hand, “Cybersecurity” refers to the process of defensive data steady biometric information garage, and improve anti-spoofing
systems, networks, records, and devices from net-primarily mechanisms.
based attacks [2].

Page No: 01 www.mkscienceset.com Nov Joun of Appl Sci Res 2024

Aim, Objectives, and Research Questions hand patterns, face recognition, retinal patterns, and fingerprints
Aim [3, 4].
To understand the relationship between cyber security and bio-
metric authentication.

Objectives
• To develop an understanding of the notion of cyber security
and biometric authentication.
• To highlight the factors of biometric authentication.
• To outline the principles of cyber security.
• To draw on the relationship between cyber security and bio-
metric authentication.

Research Questions
• What is the idea of cyber security and biometric authenti-
cation?
• What are the elements of biometric authentication? Figure 1: Biometric System [Source: Sheikh and Majid, 2019]
• What are the fundamentals of cyber security?
• What is the link between cyber security and biometric au- Face features such as nose distance, lips, ears, facial length, and
thentication? skin tone are used for verification and identification. Fog, eye-
wear, aging, and other factors may all reduce accuracy. Patterns
Research Rationale detected in the eye are unique and may be used for both identifi-
Biometrics refers to the use of physical and behavioral charac- cation and recognition. Devices for testing the retina are expen-
teristics to identify individuals. Fingerprints, facial traits, voice sive; hence, they are less common. Diseases like cataracts may
patterns, iris/retina scans, and even typing rhythm are examples affect iris patterns.
of such qualities. Unlike passwords or tokens, which can be
readily lost or stolen, biometrics are unique to each person, mak- Impact on Business Efficiency, Security, and Compliance
ing them difficult to counterfeit or copy. Biometric identity plays Biometric security refers to the use of biometric information for
an increasingly important part in our daily security. Physical identification, access control, and authentication. Biometric data
characteristics are usually stable and unmistakable, especially is recorded by hardware components such as cameras or finger-
in the case of twins. Everyone’s unique biometric identification print scanners and then scanned and algorithmically compared
might be used to replace or supplement password systems for to information stored in a database [5]. If the two pieces of data
computers, phones, limited access rooms, and buildings. match, the identification is verified, and access is granted.

Significance of the Research The biometric system is vulnerable to several harmful assaults
Fingerprints are unique to each person. They may be quantified that may be carried out by various types of threats. Malicious
in many ways. The minutiae-based assessment uses graphs to assaults on a biometric machine pose a security concern and re-
compare ridges, while image-based measurement compares duce the system's performance. There are various limitations to
similarities between an individual's finger image and fingerprint biometric systems, such as spoof attacks, noisy sensor data, in-
photos already in the database. It offers a high level of securi- terclass variations, and interclass similarities.
ty and is used for both identification and verification. Howev-
er, fingerprints may be altered due to aging or disease/injury. There are almost 20 different types of biometric data, including
Common applications include authentication on mobile devices fingerprints, face, and voice. Each sort of biometric information
and identity in the workplace. Physical biometrics assesses in- may be hacked in a variety of ways. Installing a skimmer on
trinsic physiological characteristics such as the anatomy of the ATMs or other biometric scanning equipment is a common and
eye, face, hand, or voice. For example, iPhone biometrics al- long-standing method of obtaining fingerprints. It scans finger-
lows you to unlock your phone using your fingerprint. When you prints and creates phony reproductions that may be used to gain
walk through a scanner at the airport, the system compares your access to devices or sensitive data.
scanned face structure to the data in your passport.
Framework for HRMS's and IAM's Successful Integration
Literature Review of deepfake technology has made biometric hacking far more
Factors Affecting the Integration sophisticated while also making it more accessible to hackers.
Biometric security is a kind of security that uses behavioral and By launching a biometric spoofing attack, hackers may breach
physical characteristics to identify individuals. It is the most ac- a protected system by using users' selfies, images, and videos
curate and reliable physical security solution for identity verifi- from social media to create bogus identifiers such as face, voice,
cation. Biometric authentication indicates that individuals may or even fingerprints.
be accurately recognized based on their inherent behavioral or
physical characteristics. Biometrics are often used in securi- "While we are the owners of our own faces and voices, we are not
ty systems where physical protection is required and theft is a the only ones with access to them," said Warmenhoven. "People
problem. These biometric security solutions store and employ have left so much biometric data throughout the years of being
physical characteristics that are consistent over time, such as active social media users that the present capabilities of artificial

Page No: 02 www.mkscienceset.com Nov Joun of Appl Sci Res 2024

intelligence to construct deepfakes make it a weapon against our er, examine, and interpret a dataset's underlying themes or pat-
privacy. Only this time, without our original permission." terns. This technique will be applied to thoroughly comprehend
Biometric data required to unlock a gadget is difficult to get HRMS and IAM integration by extracting significant findings
since it is often stored in the device as encrypted binary code. from the literature, recognizing crucial trends, and developing
However, providing applications with biometric data or allow- a holistic vision.
ing them to exploit it is not always a secure idea. Users may
provide biometric information without understanding who the Tools and Techniques
app's makers are or how the collected data will be used [6, 7]. The study will explore the existing literature and assess the is-
sue using the correct methodologies and processes. It will be
Various Integration Approaches completely referenced management software and will be utilized
New technology breakthroughs bring new faults and concerns, to arrange and supervise the data that has been acquired me-
making cyber security a major concern. Along with these de- thodically. This will make it much simpler to find certain works
velopments, we must remember that hackers are constantly in- of literature. This analytic method may greatly simplify coding,
novating and continue to pose a threat to cyberspace. Because subject finding, and data understanding.
traditional methods of protection, such as passwords, are inef-
fective, more organizations and people are adopting biometric Ethical Consideration
security as the preferred option to defend their cyberspace from The examination will be carried out in line with the strictest eth-
threat actors. Facial recognition and fingerprint scanning are al- ical standards. The research project must always rigorously ad-
ready widely used technologies. here to the norms of anonymity, secrecy, and informed consent.
To ensure academic integrity, all sources must be accurately at-
Methodology tributed. This research will also not gather primary data from
Data Collection people or groups.
When conducting research, collecting relevant information or
data is standard practice. Findings and Analysis
The following section's objectives include developing a solid
conclusion and reviewing the literature read thus far.

The Need
Every day, it seems that there are more stories about data breach-
es affecting both large and small businesses. As these incidents
continue, businesses are realizing that they must immediately
implement additional security measures. Companies are gradu-
ally moving away from passwords in favor of biometric authen-
tication technologies, without fully considering all the implica-
tions. While there are apparent advantages to biometrics, it is
critical to thoroughly weigh each option.

Nonetheless, even if biometric data is stored on the server or

cloud of a respectable app developer, it is far more dangerous
Figure 2: Secondary Data Collection [Source: Bhat, 2018] since there is always the possibility of a data breach. Further-
more, biometrics hacking assault might be carried out by inter-
Getting secondary data requires reading and investigating pre- ception of data transfer between the user's device and storage
viously published items, including books, journals, and other [8].
written works. An in-depth literature study will be used to col-
lect secondary data for this project. It is predicted that by doing The Impact of this Integration
this literature study, the article would gather current and relevant The high assaults are important to any biometric system that is
information on HRMS and IAM system integration. The primary to be researched, and countermeasures must be included when
sources of information for this study will include whitepapers, in- developing the biometric system. The various assaults against
dustry reports, and scholarly works released in the last few years. biometric systems with the advancement of technology, hackers
may now submit a phone biometric sample to a sensor to get
Search Strategy access to the biometric system. Some examples of such harmful
A systematic search approach will be applied to discover top- assaults on the sensor are fake face masks, silicon fingerprints,
ic-relevant literature. As part of our plan, the study seeks to eval- eye lenses, and so on. In this attack, a data stream from the bio-
uate numerous prominent academic databases, including Web of metric system is introduced between the sensor and the process-
Science, Scopus, and Google Scholar. Some keywords included ing system. A repeat assault might be a two- or three-phase tac-
during the search are identity and access management (IAM) tic. It first intercepts or duplicates the sensor transmission and
integration with security, compliance, and efficiency. then alters or modifies the data before replaying it.

Data Analysis Primary Considerations for the Integration

The acquired data will be submitted to theme analysis for qual- Spoofing the Feature Set: The process of replacing the feature
itative analysis. The objective of thematic analysis is to uncov- set with fake or changed features is known as data spoofing.

Page No: 03 www.mkscienceset.com Nov Joun of Appl Sci Res 2024

These types of spoofing attacks are often used to target many in revenue by 2023, making it the world's third-largest econo-
networks, spread malware, and steal sensitive information. A my behind China and the United States. In fact, it is expected
template is a set of key characteristics summarizing a person's to exceed $10.5 trillion every year by 2025, but expenditure on
biometric data (signal) [9, 10]. The templates may be modified cybersecurity protection measures will only total $1.75 trillion
to get a high verification score regardless of whatever picture is from 2021 to 2025. Given the massive increase in cybercrime,
provided to the system. Templates recorded in the database may it's clear that traditional security mechanisms such as passwords,
be replaced, stolen, or updated. As a result, the system suffers as PINs, and tokens no longer provide enough protection. This sug-
genuine users' scores fall. Template-generating algorithms have gests that community financial institutions (CFIs) should use
been categorized as one-way algorithms. every tool at their disposal to resist increasingly sophisticated
cyberattacks. Biometrics is a potentially valuable weapon in
their arsenal.

Conclusion
Biometric technology, which includes fingerprint ID, retinal
scanning, and face recognition, uses unique human behavior-
al or physical characteristics and indicators to verify identities
and authenticate transactions. Passive speech recognition, also
known as AI-based conversational biometrics, may detect an
individual's usage of words, language, and grammar. In other
words, biometric security uses your body as the "key" to open
your access. Biometric IDs are unique and impossible to forge,
making it very unlikely that an unauthorized user would get ac-
Figure 3: Data Spoofing Attacks [Source: Kamble, et al., 2020] cess to sensitive information. Even if a biometric template is
produced, it cannot be used correctly since it needs the physical
Pitch, voice modulation, and tone are among the variables exam- presence of the individual.
ined. Security is medium, and since people' voices are similar, it
is frequently used for verification. The accuracy may be affected Biometrics are identification methods that use an individual's
because of noise, ageing, or illness. physiological and behavioral attributes, such as face, fingerprint,
voice, or other characteristics, to precisely identify them. De-
DNA is unique and remains constant throughout life. Thus, secu- pending on the use case and criticality, some systems employ
rity is good and may be used for both identification and verifica- biometrics as a form of authentication, while others use it as
tion. Eye identification uses the unique pattern of an individual's needed. Regardless, biometrics has improved security. Most or-
iris or retina to identify them. Because this kind of biometric ganizations choose the latter since it requires both something
authentication is more complex to deploy, it is less common than you know/have (passwords, authentication devices) and some-
the other biometric authentication options. To be accurate, an iris thing you are (biometrics) for authentication. This provides an
scan needs an infrared light source, an IR-capable camera, and additional layer of security and ensures a person's precise iden-
little light pollution. Despite its limitations, it is one of the most tification. Consequently, it reduces infractions. For example,
accurate biometric identification systems known if certain pa- some very secure server rooms use face recognition in conjunc-
rameters are satisfied. Eye recognition is often used in contexts tion with a password to allow access.
where security is crucial, such as nuclear research facilities etc.
Recommendations
Challenges, Benefits, and Best Practices A biometrics degree combines skills from a variety of disciplines,
Integrating IAM with HRMS has captured and mapped many including biology, computer science, engineering, statistics, and
biometric data, and it is saved to be matched with future attempts electrical engineering. Cybercrime is becoming more prevalent
at access. Most of the time, this data is e-encrypted and stored as internet technology advances. The cyber security sector has
on the device or a distant server. Biological material, such as grown significantly in recent years. As the level of Internet espi-
DNA extracted from blood, saliva, or hair samples, is very ac- onage and terrorism rises around the world, so does the demand
curate and is often used as evidence in criminal trials. However, for cyber security experts. Due to the increased complexity of
biological biometric analysis is currently too slow to be used cybercrime, the training required to enter the field becomes more
for security control in most cases. Behavioral biometrics mea- stringent as the number of cybersecurity jobs available grows.
sures differentiating characteristics expressed in your external Recent high-profile hackings of government and commercial
activities. Everyone's handwriting differs, and everyone writes sector websites have prompted the training and certification of
on a keyboard and walks differently enough that artificial intel- additional security staff.
ligence can accurately identify people based on those character-
istics. Surfing behaviors and the specific gear used may even be For decades, governments have collected biometric data, starting
combined to generate a distinct surfing fingerprint. with paper records of basic physical features like eye color, hair
color, and height. For more than a century, police have used fin-
Biometric scanners are pieces of technology that collect biomet- gerprints collected at crime scenes to build databases of suspects
ric data for the purpose of verifying identification [11]. These and offenders. At the start of World War, I, Britain and other
scans compare the stored database to allow or prohibit access to countries started issuing passports with basic physical identifiers
the system. Global cybercrime is expected to generate $8 trillion to allow governments to screen immigrants and differentiate be-

Page No: 04 www.mkscienceset.com Nov Joun of Appl Sci Res 2024

tween citizens (who have certain rights) and non-citizens (who 6. Bobby L. Tait (2021) Aspects of biometric security in in-
may have hostile intent). ternet of things devices. Digital Forensic Investigation of
Internet of Things (IoT) Devices 169-186.
References 7. Adi Bhat (2018) Secondary Research- Definition, Methods
1. Dietmar PF Möller (2023) Cybersecurity in digital trans- and Examples. QuestionPro. https://www.questionpro.com/
formation. Guide to Cybersecurity in Digital Transforma- blog/secondary-research/
tion: Trends, Methods, Technologies, Applications and Best 8. Nikhat Akhtar, Bedine Kerim, Yusuf Perwej, Anurag Ti-
Practices. Cham: Springer Nature Switzerland 1-70. wari, Sheeba Praveen (2021) A comprehensive overview
2. Ritushree Narayan; N. V. Balaji; Kalanandhini G; Parikshit of privacy and data security for cloud storage. International
N. Mahalle; Javed Wasim (2023) Developing the Role of Journal of Scientific Research in Science Engineering and
Firewalls in Enhancing Web Security for Wireless Net- Technology. 8: 113-152.
works. 3rd International Conference on Smart Generation 9. Le-Bing Zhang, Fei Peng, Le Qin, Min Long (2018) Face
Computing, Communication and Networking (SMART spoofing detection based on color texture Markov feature
GENCON) 1-6. and support vector machine recursive feature elimination.
3. Muhammad Sharif, Mudassar Raza, Jamal Hussain Shah, Journal of Visual Communication and Image Rsepresenta-
Mussarat Yasmin & Steven Lawrence Fernandes (2019) An tion 51: 56-69.
overview of biometrics methods. Handbook of Multimedia 10. Kamble MR., Sailor HB, Patil HA and Li H (2020) Ad-
Information Security: Techniques and Applications 15-35. vances in anti-spoofing: from the perspective of ASVspoof
4. Yamna Sheikh, Muhammad Imran Majid (2019) ATM & challenges. APSIPA Transactions on Signal and Information
Biometric Solutions: A Case Study. International Journal of Processing 9: 2.
Experiential Learning & Case Studies, 4: 237-253. 11. Singh G, Bhardwaj G, Singh SV and Garg V (2021) Bio-
5. Shaveta Dargan, Munish Kumar (2020) A comprehensive metric identification system: security and privacy concern.
survey on the biometric recognition systems based on phys- Artificial intelligence for a sustainable industry 4: 245-264.
iological and behavioral modalities. Expert Systems with
Applications 143: 113114.

Copyright: ©2024 Sampath Talluri. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits
unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

Page No: 05 www.mkscienceset.com Nov Joun of Appl Sci Res 2024