PalmSecMatch: A data-centric template protection method for palmprint recognition

While existing palmprint recognition researches aim to improve accuracy in various situations, they often overlook the security implications. This paper delves into template protection in palmprint recognition. The existing template protection methods usually cannot strike a well balance between security, accuracy and usability, which reduces the applicability of the algorithms. In this work, a data-centric approach for palmprint template protection is proposed, called PalmSecMatch. Our solution extracts the key from plaintext data. It extremely reduces the dependency on third-party or independent key generation algorithms. The backbone of PalmSecMatch consists of key data extraction and encryption, order shuffling of the raw vectors, hashing code generation, shuffling basis and hashing code fading. PalmSecMatch subtly exploits the fact that biometric data are random variables and benefits from its data-centric nature. PalmSecMatch allows the same plaintext features to be encrypted into highly different ciphertexts, which greatly ensures security. At the same time, the application of data fading strategy makes it extremely difficult for an attacker to distinguish the user data from the auxiliary data. The security analysis shows that PalmSecMatch satisfies the requirements of ISO/IEC 24745. Adequate experiments on two public palmprint databases validate the effectiveness of the proposed method.