BioEncoding: A Reliable Token less Cancelable Biometrics Scheme for Protecting Iris Codes

Despite their usability advantages over traditional authentication systems, biometrics-based authentication systems suffer from inherent privacy violation and non-revocability issues. In order to address these issues, the concept of cancelable biometrics was introduced as a means of generating multiple, revocable, and noninvertible identities from true biometric templates. Apart from BioHashing, which is a two-factor cancelable biometrics technique based on mixing a set of tokenized user-specific random numbers with biometric features, cancelable biometrics techniques usually cannot preserve the recognition accuracy achieved using the unprotected biometric systems. However, as the employed token can be lost, shared, or stolen, BioHashing suffers from the same issues associated with token-based authentication systems. In this paper, a reliable tokenless cancelable biometrics scheme, referred to as BioEncoding, for protecting Iris Codes is presented. Unlike BioHashing, BioEncoding can be used as a one-factor authentication scheme that relies only on sole Iris Codes. A unique noninvertible compact bit-string, referred to as BioCode, is randomly derived from a true Iris Code. Rather than the true Iris Code, the derived BioCode can be used efficiently to verify the user identity without degrading the recognition accuracy obtained using original Iris Codes. Additionally, BioEncoding satisfies all the requirements of the cancelable biometrics construct. The performance of BioEncoding is compared with the performance of BioHashing in the stolen-token scenario and the experimental results show the superiority of the proposed method over BioHashing-based techniques.