Yes! It’s here… We have started working on the new biometric authentication for MYETV, and I want to share some of the behind-the-scenes work. First of all, I would like to say that it is not easy to build a system like this: you have to go through hashing, encryption, authorization and authentication. These processes are the core of the system. As we are working with images, we must be sure that they are stored anonymously (hashed), safely (encrypted), in a non-accessible space (authentication), and ready to be unpacked when needed (auth&auth). The integrity of the packets is guaranteed by the encryption.
STORING OF IMAGES
There are two types of image storage:
- The one you save in your account for authorization
This image is stored for a long period, which means it must be compressed and encrypted in the right way. For that we use a command-line program called “7z”, with a password that is different for every user, AES-256 encryption enabled, and encrypted file names too. The original image is securely deleted once the compressed file is ready.
- The one you upload to check for a match and get the authorization
This image is stored hashed, only for the few seconds needed for the biometric check, and is completely deleted right after the check.
UPLOADING OF IMAGES
By “uploading” we mean every time a user checks one image against another or changes the image in the account. The upload goes over HTTPS; it is simple, fast, supports drag and drop, and works on every operating system. For this type of check, the upload must be an image in JPEG (jpeg, jpg) or PNG format and must not be larger than 5MB.
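One way to enforce the format and size rule on the server, as an added example that is not MYETV's own code: the type is decided from the file's leading signature bytes rather than from the client-supplied name, and the read is bounded so an oversized upload is never buffered whole. The function and constant names are hypothetical, and "5MB" is read as 5 MiB.

```python
import io

MAX_UPLOAD_BYTES = 5 * 1024 * 1024  # the page's "5MB", read here as 5 MiB (assumption)

# File signatures ("magic bytes") of the two accepted formats.
SIGNATURES = {
    "png": b"\x89PNG\r\n\x1a\n",
    "jpeg": b"\xff\xd8\xff",
}


class UploadRejected(ValueError):
    """Raised when an upload breaks the size or format rule."""


def read_image_upload(stream, limit=MAX_UPLOAD_BYTES):
    """Return (kind, data) for an accepted upload, reading at most limit + 1 bytes."""
    data = stream.read(limit + 1)  # one byte over the limit is enough to detect "too big"
    if len(data) > limit:
        raise UploadRejected("file is larger than 5MB")
    # The file name and Content-Type are client-controlled, so only the content decides.
    for kind, magic in SIGNATURES.items():
        if data.startswith(magic):
            return kind, data
    raise UploadRejected("not a JPEG or PNG image")


# Constructed sample inputs: real signatures followed by filler bytes.
SAMPLE_PNG = SIGNATURES["png"] + b"\x00" * 32
SAMPLE_JPEG = SIGNATURES["jpeg"] + b"\xe0" + b"\x00" * 32
SAMPLE_RENAMED = b"MZ" + b"\x00" * 32  # not an image, whatever its file name says

if __name__ == "__main__":
    samples = [("a.png", SAMPLE_PNG), ("b.jpg", SAMPLE_JPEG), ("c.jpg", SAMPLE_RENAMED)]
    for name, blob in samples:
        try:
            print(name, "accepted as", read_image_upload(io.BytesIO(blob))[0])
        except UploadRejected as exc:
            print(name, "rejected:", exc)
```

A matching signature only identifies the container format; the comparison step still has to decode the image and should treat a decode error as a failed check.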
BEHIND THE SCENES
At the time of the check, the A.I. decrypts, decompresses and extracts the image file stored in the account so that it is ready to be compared with the one just uploaded. The A.I. converts the images to different colors and filters, compares the pixels, and reports the difference in points: the fewer points differ, the more similar the images are. We can also configure the precision. At the time of testing, designs and images are matched more precisely than pictures (photos), especially if the pictures are taken from different perspectives, but this feature can also recognize faces with a tweak to the precision settings (not a recommended use at the moment).
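The "difference in points" idea with a configurable precision, sketched as an added example; this is not MYETV's algorithm, which the post does not detail. It assumes a single greyscale conversion as the "filter", a hypothetical per-pixel `tolerance`, and reuses the 96% figure from the feature list as the default threshold.

```python
def to_gray(pixels):
    """Rows of (R, G, B) tuples -> rows of 0-255 grey levels (BT.601 weights)."""
    return [[(299 * r + 587 * g + 114 * b) // 1000 for r, g, b in row]
            for row in pixels]


def difference_points(stored, uploaded, tolerance=16):
    """Count the pixels whose grey level differs by more than `tolerance`."""
    a, b = to_gray(stored), to_gray(uploaded)
    if len(a) != len(b) or any(len(ra) != len(rb) for ra, rb in zip(a, b)):
        raise ValueError("images must have the same dimensions")
    return sum(abs(p - q) > tolerance
               for ra, rb in zip(a, b) for p, q in zip(ra, rb))


def is_match(stored, uploaded, precision_pct=96, tolerance=16):
    """True when at least precision_pct percent of the pixels agree."""
    total = sum(len(row) for row in stored)
    if total == 0:
        raise ValueError("empty image")
    points = difference_points(stored, uploaded, tolerance)
    # Integer arithmetic keeps the threshold exact. Lowering precision_pct
    # accepts more near-misses, so it trades false rejects for false accepts.
    return 100 * (total - points) >= precision_pct * total


# Constructed 10x10 sample image (a colour gradient), not real user data.
BASE = [[(x * 25, y * 25, 128) for x in range(10)] for y in range(10)]


def perturb(image, n):
    """Copy of `image` with the first n pixels of the top row inverted."""
    top = [(255 - r, 255 - g, 255 - b) if i < n else (r, g, b)
           for i, (r, g, b) in enumerate(image[0])]
    return [top] + [list(row) for row in image[1:]]


if __name__ == "__main__":
    for changed in (3, 4, 5):
        candidate = perturb(BASE, changed)
        print(changed, difference_points(BASE, candidate), is_match(BASE, candidate))
```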
The platform permits 8 tries for the biometric pass check, after which the user must close and reopen the page or delete the cookies to try again, and just 4 tries for the biometric authentication. When a user fails the biometric authentication 4 times, the platform automatically turns off biometric authentication for that user and sends a notification directly to the user.
- Can be turned on or off at any moment
- When activated, it gives you a Biometric Pass Code (min. length 10 characters) to insert instead of the username/email
- Free as basic security for every user
- Works with any type of complex image (jpg or png)
- No way to use keyloggers and other types of common authentication attacks
- No need for third-party hardware or devices to work
- Can load images from client cloud, USB key, computer or client’s network
- Can load images from camera-enabled devices
- Can draw an image and save it locally, while authenticating, on touch-screen-enabled devices
- Can be used together with the password authentication to enhance the security
- Editing or changing the main password will reset the biometric image
- Editing or changing the biometric image will disconnect all devices
- Precision of the biometric check: 96%
WAY TO USE
We tested it in a lot of ways… For example, this type of biometric authentication could be used together with a USB key, to authenticate a user with the image stored on the key for a period of time, until the user changes the image in the account or disables this type of authentication (recommended use); or it could be used to authenticate with a complex design pattern to be sure nobody can copy it, maybe your signature written by hand on a touch screen (recommended use); or it could be used to authenticate with face recognition, as the upload can open the webcam in the file window (not a recommended use).
The biometric authentication can be turned on or off at any time in the account by its owner. At signup, the biometric authentication is turned off by default.
TERMS OF SERVICE
- The biometric login can be activated or deactivated in the account settings (default: deactivated)
- The Biometric Pass Code is released to you at the moment of activation and is at least 10 characters long, made up of letters and numbers
- The Biometric Pass Code is a cryptographically secure pseudorandom string and is saved in your account
- The Biometric Pass Code will change every time the feature is activated (renewed) or deactivated (deleted) and is always shown in the “Biometric Settings” inside the “Edit Profile” page
- You can enter a passcode for up to 8 attempts; if they all fail you will need to restart the app to try again
- You must upload an image file not greater than 5MB
- The biometric image can be changed at any time without turning the feature OFF/ON
- You can upload the image for the biometric comparison for a maximum of 4 attempts; if all attempts fail, the Biometric Authentication will be turned off for that user and an email will be sent to inform the user. The Biometric Authentication for that user cannot be used again until the user turns it on again
- When the biometric access is deactivated, all data, including the image, will be deleted
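The pass code and lockout rules from the attempt-limit paragraph and the terms above, modelled as an added example that is not MYETV's own code. The class and method names are hypothetical, the failure counter is assumed to live on the server, and resetting it after a successful check is also an assumption.

```python
import hmac
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # "letters and numbers"
PASSCODE_LENGTH = 10         # the page's minimum length
MAX_BIOMETRIC_ATTEMPTS = 4   # failed image checks before the feature is turned off


class BiometricAccount:
    """Hypothetical server-side state for one user's biometric login."""

    def __init__(self, notify):
        self.notify = notify  # callback standing in for the e-mail to the user
        self.passcode = None
        self.enabled = False
        self.failed = 0

    def activate(self):
        # Every activation issues a fresh code from the OS CSPRNG (renewal).
        self.passcode = "".join(
            secrets.choice(ALPHABET) for _ in range(PASSCODE_LENGTH))
        self.enabled = True
        self.failed = 0
        return self.passcode

    def deactivate(self):
        # Deactivation deletes the code; the stored image would be wiped here too.
        self.passcode = None
        self.enabled = False

    def check_passcode(self, candidate):
        if not self.enabled:
            return False
        # Constant-time comparison, so timing does not leak matching prefixes.
        return hmac.compare_digest(candidate.encode(), self.passcode.encode())

    def record_image_check(self, matched):
        """Feed in the result of one image comparison; returns True on success."""
        if not self.enabled:
            return False
        if matched:
            self.failed = 0  # assumption: a success clears earlier failures
            return True
        self.failed += 1
        if self.failed >= MAX_BIOMETRIC_ATTEMPTS:
            self.deactivate()
            self.notify("Biometric authentication was turned off "
                        "after 4 failed attempts")
        return False
```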