Yes! It’s here… We have started working on the new biometric authentication for MYETV and I want to share some of the behind-the-scenes work. First of all, it’s not easy to build a system like this: you have to pass through hashing, encryption, authorization and authentication. These processes are the core of the system. Because we are working with images, we must be sure that images are stored anonymously (hashed), safely (encrypted), in a non-accessible space (authentication) and ready to be unpacked when needed (auth&auth). The integrity of the packets is guaranteed by the encryption.
STORING OF IMAGES
There are two types of image storage:
– The one you save in your account for authorization
This image is stored for a long period of time, which means it must be compressed and encrypted in the right way. For that we use a command-line program called “7z”, with a password that is different for every user, AES-256 encryption enabled and file names encrypted too. The original image is securely deleted once the compressed file is ready.
– The one you submit for the check/match to get the authorization
This image is stored only for the time needed for the check: it is stored hashed and deleted right after the biometric check, so it exists for just a few seconds.
UPLOADING OF IMAGES
By “uploading” we mean every time a user checks an image against another, or every time a user changes the image in the account. The upload runs over HTTPS, is simple and fast, supports drag and drop and works on every operating system. For this type of check the upload must be an image in JPEG (jpeg, jpg) or PNG format and must not be larger than 5MB.
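A server-side check of the upload rule above, as an added example that is not MYETV's own code: it enforces the size limit and accepts a file only when its leading bytes are a JPEG or PNG signature that agrees with the extension. The names `validate_upload`, `sniff_format`, `check` and `UploadRejected` are hypothetical, and "5MB" is assumed to mean 5 MiB.

```python
MAX_BYTES = 5 * 1024 * 1024  # assumption: the page's "5MB" read as 5 MiB

# Leading file signatures (magic bytes) of the two accepted formats.
SIGNATURES = {"jpeg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n"}
# Extensions the page lists, mapped to the format each one claims.
EXTENSIONS = {"jpg": "jpeg", "jpeg": "jpeg", "png": "png"}


class UploadRejected(ValueError):
    """Raised when an upload breaks one of the rules."""


def sniff_format(data: bytes):
    """Return 'jpeg' or 'png' from the leading bytes, else None."""
    for name, magic in SIGNATURES.items():
        if data.startswith(magic):
            return name
    return None


def validate_upload(filename: str, data: bytes) -> str:
    """Return the detected format, or raise UploadRejected."""
    if len(data) > MAX_BYTES:
        raise UploadRejected("larger than 5 MB")
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    claimed = EXTENSIONS.get(ext)
    if claimed is None:
        raise UploadRejected("extension is not jpg, jpeg or png")
    actual = sniff_format(data)
    if actual is None:
        raise UploadRejected("content is not a JPEG or PNG image")
    if actual != claimed:
        raise UploadRejected("extension does not match content")
    return actual


def check(filename: str, data: bytes):
    """Convenience wrapper: (True, format) or (False, reason)."""
    try:
        return True, validate_upload(filename, data)
    except UploadRejected as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs (signatures plus padding, not real images).
    png, jpg = SIGNATURES["png"] + b"\0" * 16, SIGNATURES["jpeg"] + b"\xe0" + b"\0" * 16
    for name, data in [("sign.png", png), ("face.JPG", jpg), ("note.png", b"plain text"),
                       ("sign.jpg", png), ("big.jpg", jpg + b"\0" * MAX_BYTES)]:
        print(name, check(name, data))
```

A matching signature only shows what the file claims to be at byte level; the image decoder used for the comparison still has to reject malformed content.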
BEHIND THE SCENES
At the time of the check the A.I. decrypts, decompresses and extracts the image file stored in the account, so it is ready to be compared with the one just uploaded. The A.I. converts the images into different colors and filters, compares the pixels and reports the difference in points. The fewer points that differ, the more similar the images are; the precision can also be configured. At the time of testing, designs are matched more precisely than pictures, especially if the pictures are taken from different perspectives, but this feature can recognize faces with a tweak to the precision settings.
The platform permits 8 tries for the email/username check, after which the user must close and reopen the page or delete the cookies to try again, and just 4 tries for the biometric authentication. When a user fails the biometric authentication 4 times, the platform automatically turns off biometric authentication for that user and sends a notification directly to the user.
- Can be turned on or off at any moment
- Free as base security for every user
- Works with any type of complex image (jpg or png)
- No way to use keyloggers and other types of common authentication attacks
- No need for third-party hardware or devices to work
- Can load images from the client's cloud, computer or network
- Can load images from camera-enabled devices
- Can draw an image and save it locally, while authenticating, on touch-screen-enabled devices
- Can be used together with password authentication to enhance security
- Editing or changing the main password will reset the biometric image
- Editing or changing the biometric image will disconnect all devices
- Precision of the biometric check: 96%
POSSIBLE USE IN THE FUTURE
We have to look ahead to the future development of the main features, and this is one we will keep updating and improving. It would be interesting to test it in combination with the default password authentication (email&password). In the future it will be possible to let the user choose between various levels of authentication: only email&password, only biometric, or email&password&biometric. Choosing one of them will disable the others; in this way the authentication method can be improved a lot, if needed. We will focus our work in this direction for the next update of this feature.
WAY TO USE
We tested it in a lot of ways… For example, this type of biometric authentication could be used together with a USB key, to authenticate a user with the image stored on the key for a period of time (until the user changes the image in the account or disables this type of authentication); or it could be used for face recognition, as the upload can open the webcam from the file window; or it could be used with a complex design pattern, to be sure nobody can copy it; maybe your signature, written by hand on a touch screen.
Biometric authentication can be turned on or off at any time in the account by its owner. At signup, biometric authentication is turned off by default.