Challenge response interaction for biometric liveness establishment and template protection

Abstract

This paper describes biometric liveness establishment in support of server-side authentication computation on user face data, as captured on client-side apparatus, via a bidirectional user-to-server challenge-response interaction. We propose for server-side issue of a random challenge, with the user undertaking verbal delivery of the response into aforesaid capture apparatus. This spoken input is subject to speaker-independent speech decoding, on the client-side platform, for extraction of the response numeric or symbolic valuation, which is then transmitted to the authentication server. Computation undertaken on this challenge-response pair, as specific to user interaction of interest, would then result in a test authenticator, which is then verified against some user-specific reference valuation as previously established during initial user enrolment. This user-specific authenticator, as presumed secret and exclusive to particular user, can furthermore be used in support of biometric salting as used to generate a secure biometric template. These templates would constitute a cancellable biometric, allowing for credential management processes equivalent to those undertaken on user-specific passwords or physical tokens, and furthermore preserving the privacy of the underlying biometric data.