Privacy protection is one of the main concerns for biometric verification and identification systems. Typically biometric templates are stored unprotected in a central database. If database is compromised and intruder obtains person's biometric template, using this biometric will be impossible for the rest of person's life. Even if stored templates are encrypted, matching is still performed using decrypted templates, and decryption process can be compromised as well.
In this work we developed an algorithm of hashing fingerprint data and performing fingerprint matching using hashed values. Hashing can be performed on the scanner device, and only hashed values are transmitted and stored in the database. Hashing function is one-way function, and given hash values it is impossible to reconstruct original template. In case hash values are compromised, person will be re-enrolled using new hash function. Since different hash functions are used for old compromised hash values and new hash values, no match between them is possible.
Note that the hash function is a public function. Thus it is possible to simply store information about specific hash function used together with fingerprint template in the database server. During verification, server might instruct client scanner on which hash function should be used. Also different hash functions can be used for different enrolled persons.
The main idea of the algorithm is that hash values are constructed for the localized minutia subsets, with the condition that the number of hash values is less than the number of minutia. This makes it impossible to algebraically reconstruct localized minutia information. Matching hashes of localized subsets produces a set of match confidences and corresponding transformation parameters: rotation and translation. Presence of many localized matches with similar transformation parameters indicates global fingerprint match. Global reconstruction of the original minutiae is extremely difficult because of the uncertainty on which minutia points belong to which localized subset. Currently achieved equal error rate of proposed algorithm is 3% on FVC2002's DB1 database (2800 genuine and 4950 tests) which is slightly worse than performance of similar algorithm using same minutia extraction algorithm and full information minutia matching.