Password-free biometric authentication system

To implement the idea of password-free biometrics authentication system, the Client required a full set of developments. Namely:

On top of that, to provide a full support of a server, including creating and maintaining a database.

For this project Vakoms assigned a dedicated team

Vakoms augmented the Client’s staff in autumn 2014. Our specialists got involved in conducting business analysis, and carried out a thorough research on technologies and devices which might be used in the implementation of the idea.

The propeller of the password-free authentication system was to be a smart face recognition algorithm. It was written and is being elaborated on Python, using OpenCV (Open Source Computer Vision) and Mahatos SURF (Speeded-Up Robust Features) libraries. What it does is a realtime comparison between a photo of a face just taken via the app with a person’s characteristic features stored on a server in a MySQL database. The system has to take into account different parameters, including lighting and angle during photography, keypoints on the face, etc.

Besides, the algorithm has self-learning capabilities. It reveals the smallest changes in the face, like hair, wrinkles, scars and replenishes its database, providing more accurate recognition over time.

Also, the platform supports authorization via fingerprint recognition. For now, it is implemented only on iPhone thanks to Touch ID technology, but the Android version of this feature will be developed later.

An integral part of the Client’s password-free authentication system is a native application, yet for iOS only. It enables finger or face recognition of a user who intends to log in on a website. The system sends a push-notification to the smartphone, asking the user to touch iPhone’s Home button or look in a camera and place his/her face in a special framework on the screen. Then these data are processed via bespoken algorithms.

In the app development Vakoms used Objective-C and OpenSSL for data encryption.

On top of recognition algorithm and iOS application for authorisation, the Client, as a service provider, offers a special log-in button for websites that support OpenID protocol.

Following the registration in the system, clients receive API and thus are allowed to integrate the button into their websites. By pushing it, site users open an OpenID Provider popup which launches an authorization mechanism, which includes sending push-notification mentioned earlier.

The button is written with Javascript, HTML and CSS, while OpenID Provider itself is developed in Node.JS.

Another useful tool within the project is Gmail Encryptor – an extension for Chrome browser which ensures secure correspondence. For its development Vakoms’ specialists used Javascript and jQuery.

The plug-in adds a turn on/off button to Gmail’s composing interface. After enabling this option a text is being encrypted by means of PGP technology and sent to a recipient. To execute the decryption a user on the other end has to perform an authorization with smartphone’s camera in the app.

Of course all the fun happens on the server side. We have been providing full support since the very beginning of the project, in particular, coding on Python and testing.

Initially the server was developed and launched locally at Vakoms. After successful probation, our Back End and Web programmers performed an integration with the Client’s official website. Eventually, the server was deployed on Rackspace.

Here are some interesting features:

At present, we have fully functional password-free authentication platform, which is to be commercially launched before long. At first, users will be able to log in to websites or encrypt/decrypt emails with face or finger recognition. But later, the service will be complemented with other options. Among them – voice, retina, and palm recognition via smartphone’s camera.

Besides, the system may be ported on various devices and integrated in Smart House ecosystem. For example, a person could open an electronic door lock by simply having a glance at the in-built camera or by touching the phone’s Home button. Without any keys or any plastic cards.

Furthermore, based on Google Maps API, the system could be able to determine user’s location and give access to defined premises.

The Client plans to make the platform available under an open source license.