Dissertation: Improving the authentication process on systems that require magnetic cards and PINs by using fingerprint biometrics.

The success and growth of systems that require magnetic cards and PIN numbers as a means of authentication has led to a huge demand on the companies providing these systems to their clients, since these cards and PINs provide a two-factor authentication method to process fast and accurate transactions or commands. Magnetic cards and PINs are not considered the best method for secure authentication and systems making use of such an authentication mechanism may encounter difficulties at some stage or another.

Integrating a fingerprint reader device within these systems will definitely heighten the level of security to a three-factor authentication process. This minimizes fraud and theft in a way that the attacker needs the victim’s physical fingerprint in order to authenticate on his/her behalf.  Manual and digital pickpocketing would not be effective in stealing high sensitive personal data or money after integrating a fingerprint reading device with these systems. Today’s smartphones have an NFC (Near Field Communication) chip that reads credit card information from an embedded NFC chip. This technology creates a huge risk because an attacker could place their own Smartphone with the NFC feature enabled near a victim’s NFC compatible credit card, and steal that information to access the victim’s high sensitive private data.

Enrollment and Authentication applications were developed using two different programming languages which are C# and Java to develop prototypes in order to test and compare how a fingerprint reader integrated with systems that require magnetic cards and PINs handles different situations while the user is being authenticated.

Results have shown that a fingerprint device integrated with such a system enhances security such that only those specific registered users are authenticated, because the attacker would still require the victim’s fingerprints in order to properly authenticate. Enrolling within the system using a thin glove was accepted by the C# application while when compared with Java application, this input was rejected. Using the fingerprint reader for enrolling and authenticating in different lighting situations such as in normal daylight or during darker surroundings were tested and compared by using both programming languages mentioned. Clients, who have some form of fingerprint impairment, could still use the current authentication process to authenticate themselves, meaning that they only use magnetic cards and PINs for the authentication process.