Sustainable Cities and Society 40 (2018) 274–283

Contents lists available at ScienceDirect

Sustainable Cities and Society

journal homepage: www.elsevier.com/locate/scs

ECG and fingerprint bimodal authentication T

a,⁎ b a
Juan S. Arteaga-Falconi , Hussein Al Osman , Abdulmotaleb El Saddik
a
Multimedia Communications Research Laboratory, University of Ottawa, 800 King Edward, Ottawa, Ontario, K1N 6N5, Canada
b
Multimedia Processing and Interaction Group, University of Ottawa, 800 King Edward, Ottawa, Ontario, K1N 6N5, Canada

A R T I C LE I N FO A B S T R A C T

Keywords: Security research on smart cities mostly focuses on the communication of “things” and rarely focuses on the
Smart cities security interaction between “things” and people. Security breaches at this lower level will render higher-level security
Smart city control access measures ineffective. In this paper, we propose to use a multimodal biometric approach (ECG and Fingerprint) to
Bimodal secure the interaction between “things” and people. ECG biometrics is a relatively new technique and its per-
Biometrics
formance is still inferior to that of fingerprint biometrics. However, as opposed to ECG, fingerprint users touch
Multimodal
objects and inadvertently leave behind their invisible fingerprints marks. Hackers can lift these invisible marks
ECG
Fingerprint and gain illicit access to the devices of their victims. Moreover, ECG based authentication requires users to be
Authentication alive, a quality that can prove important for smart cities. The latter is not true for fingerprint authentication. In
ECG SVM this paper, we combine ECG and Fingerprint features in a bimodal biometric system. Our objective is to enhance
the advantages of both biometric methods while minimizing their weaknesses. For the ECG method, we use an
SVM classifier and for the Fingerprint technique we employ the minutiae extractor and matcher from NBIS. We
fuse the results of the ECG and Fingerprint authentication at the decision level to distinguish between genuine
users and impostors. The literature on ECG and Fingerprint bimodal biometrics is very limited, however, the
obtained results show that this work presents an improvement in terms of EER (Equal Error Rate) compared to
existing work.

1. Introduction suffer from the vulnerabilities of conventional password protected

A smart city relies on the collection of data to respond to the needs
of its inhabitants. The Internet of Things (IoT) provides a great source of
information for smart cities. However, IoT has been associated with
data privacy and security concerns (Yang, Wu, Yin, Li, & Zhao, 2017).
To address these concerns, researchers have mostly focused on solving
security issues between communicating “things”. Yet, security concerns
related to the interaction between “things” and people have seldom
been addressed in the literature (Guo, Karimian, Tehranipoor, & Forte,
2016). Vulnerabilities in this area can compromise the entire security
infrastructure of smart cities.
Abundance of information is vital for the operation of smart cities.
Smart Cities collects data from hard or soft sensors typically abstracted
as “things” within the IoT infrastructure. Hence, to support smart cities,
the number of communicating “things” will continue to grow. This
growth necessitates users to interact regularly with an increasing
number of devices. Hence, they have to maintain a memory-taxing
amount of usernames and passwords. However, biometric schemes offer
an optimum alternative for the use of usernames and passwords for
authentication (Jain, Ross, & Pankanti, 2006). In addition, they do not
systems. For instance, pin numbers and graphic patterns are popular
authentication techniques that are vulnerable to shoulder surfing at-
tacks (i.e. people watching from a short distance) (Clark & Lindqvist,
2015). In 2012, a Visual Privacy Productivity Study sponsored by the
3 M Company found that 82% of IT professionals believe that em-
ployees are careless about shoulder surfing attacks (Ponemon Institute,
2012). The same study revealed that 72% of commuters in the UK have
been able to observe passwords of commuters through shoulder surfing.
Fingerprint biometrics eliminates the threat of shoulder surfing.
However, this approach presents other important vulnerabilities.
Damaged fingers can lead to an authentication failure (Phillips, Martin,
Wilson, & Przybocki, 2000) or attackers can duplicate fingerprints to
gain access (Espinoza, Champod, & Margot, 2011). A study by Guillen,
Alfonso, Martinez, and Mejia (2012) showed that duplicates obtained
from fingerprints left behind on objects can result in 60% authentica-
tion success rate. The US Border Patrol have reported that some in-
dividuals damage their fingerprints to avoid authentication (Yoon,
Feng, & Jain, 2012). The U.S. has been linking fingerprints to travel
visas since 2002, aiming to authenticate individuals with their travel
documents and store the information in a national database (US

⁎
Corresponding author.
E-mail addresses: jarteaga@uottawa.ca (J.S. Arteaga-Falconi), halosman@uottawa.ca (H. Al Osman), elsaddik@uottawa.ca (A. El Saddik).

https://doi.org/10.1016/j.scs.2017.12.023
Received 16 August 2017; Received in revised form 10 December 2017; Accepted 19 December 2017
Available online 03 January 2018
2210-6707/ © 2018 Elsevier Ltd. All rights reserved.
J.S. Arteaga-Falconi et al.
Department of State, 2002).
In contrast, authentication by electrocardiogram (ECG) cannot be
easily hacked without the consent of the user. Collecting ECG biometric
features requires the use of special hardware (i.e., electrocardiograph),
making this method difficult to imitate. However, while fingerprint
collection can be achieved almost instantaneously, the ECG method
typically requires 10 s or longer to capture ECG signals and achieve an
acceptable level of accuracy for authentication (Biel, Pettersson,
Philipson, & Wide, 2001; Chan, Hamdy, Badre, & Badee, 2008; Israel,
Irvine, Cheng, Wiederhold, & Wiederhold, 2005; Singh & Singh, 2012;
Wübbeler, Stavridis, Kreiseler, Bousseljot, & Elster, 2007).
In our previous work, we proposed an ECG authentication algorithm
that requires a 4 s long signal to achieve a False Acceptance Rate (FAR)
of 1.41% and a True Acceptance Rate (TAR) of 81.82% (Arteaga-
Falconi, Al Osman, & El Saddik, 2016). To improve these results, we
propose to adopt a multibiometric approach. We will fuse fingerprint
and ECG biometric methods to enhance the strengths and reduce the
impact of the weaknesses of each approach while increasing the accu-
racy of the biometric authentication process. This will prevent attackers
from faking fingerprints and would allow users to authenticate securely
within 4 s. The proposed method can be applied for airport traveler
authentication at border security. Travellers would place both thumbs
on a single scanner that simultaneously captures ECG and fingerprints
for verification, thus achieving a secure and speedy multibiometric
process.
In this work, the ECG matcher uses an SVM classifier, whereas, in
our previous work (Arteaga-Falconi et al., 2016), we employ a multi-
threshold approach for classification. We describe the rationale behind
this design decision in Section 3.1. Also, as opposed to other multi-
modal approaches that achieve fusion at the feature or score level
(Manjunathswamy, Abhishek, Thriveni, Venugopal, & Patnaik, 2015;
Singh & Singh, 2013), we fuse the biometric modalities at the decision
level. (See Section 2.2).
We have structured the rest of the paper as follows: In Section 2, we
present relevant concepts pertaining to existing ECG, Fingerprint, and
bimodal biometric algorithms. In Section 3, we describe our proposed
ECG and fingerprint authentication algorithm. In Section 4, we present
the evaluation of our algorithm, where we describe our experiment and
provide an analysis of the obtained results. Finally, in Section 5, we
provide a brief summary of the contributions and ideas for future work.
2. Background and related works
The Encyclopedia of Biometrics defines Biometrics as “the science of
establishing the identity of a person based on the physical or behavioral
attributes associated with an individual” (Ross & Jain, 2015). Bio-
metrics traits such as eyes, iris, fingerprint or ECG are physical bio-
metric attributes. In contrast, signature, voice, gait or keystroke pattern
are behavioral biometric attributes. Biometric systems typically support
one or two important functions: identification and verification
(Wayman, 2015); verification is a synonym of authentication (National
Research Council, 2003).
During identification, the biometric system searches for a person
within a database. The user supplies a biometric trait and the system
compares it against a database of user records. If there is a match, then
the system is said to have identified the user. Identification follows a
one-to-many scheme, where the system compares one user input
against all the user records in the database (Ross & Jain, 2015).
For authentication, the system stores biometric information that
corresponds to genuine user(s). When a user supplies a biometric trait,
the system compares it against the stored biometric information and
determines if the user is genuine or an impostor. Authentication follows
a one-to-one scheme whereby the system compares one user input
against the genuine user record in the system (Ross & Jain, 2015).
Fig. 1 shows the four principal modules in a conventional biometric
system. First, the sensor module acquires the biometric trait, such as
275
Sustainable Cities and Society 40 (2018) 274–283
Fig. 1. Modules Of A Biometric System.
fingerprint, ECG, face. Then, the feature extractor module processes the
biometric trait and extracts features to generate a biometric template. A
biometric template is a collection of features that represents a biometric
trait. If the biometric system is enrolling (registering) users, it stores the
template in a database. Otherwise, it sends the template to the matcher
module. The matcher module typically generates a score that represents
the similarity between the input and a stored biometric template(s). If
the biometric system is used for identification, then it generates a score
for each stored template. However, if the biometric system is used for
authentication, then it generates a single score for the stored template
of the user. The decision maker module uses these score(s) to determine
the result of the process (Jain, Ross, & Prabhakar, 2004).
2.1. Biometric approaches
Biometric authentication uses a variety of traits. For example, re-
searchers have proposed the use of iris-based authentication (Ho Cho,
Park, Rhee, Kim, & Yang, 2006). While this method is reliable, its
sensitivity to changes in lighting conditions makes its deployment
challenging (Scotti & Piuri, 2010). Voice is another trait used in bio-
metrics (Markowitz, 2000). However, because the voice must be re-
corded, the primary concerns of this method is the surrounding noise
and easy duplication of the biometric features (Wang & Liu, 2011).
Accelerometer data can be used for gait authentication (Derawi, Nickel,
Bours, & Busch, 2010). Admittedly, this technique still needs further
improvement to produce reliable results (Derawi et al., 2010).
While fingerprint authentication typically performs well, finger-
prints left behind unintentionally on smooth surfaces can be easily
duplicated by hackers to break into the system. In contrast, ECG
methods conceal the biometric features, but require a lengthy signal for
authentication. Decreasing the length of the signal affects the perfor-
mance of the method negatively. The following two sections discuss
these two latter biometric approaches in detail.
2.1.1. Fingerprint biometrics
The study of fingerprints has a long history, originating in 1686
(Maltoni, 2015). Today, the use of fingerprint biometrics has become a
well-established technology with an outstanding performance com-
pared to biometrics of other traits (Phillips et al., 2000).
Typical features used in fingerprint biometrics include minutia,
local orientation, ridge shape, local frequency, singularity, and ridge
count. Ridges and valleys compose fingerprints and a minutia is the end
(or bifurcation) of a ridge or a valley. Minutiae are the most used fea-
tures by fingerprint matchers. Minutiae can carry information about
direction and spatial frequency. The minutia direction is a vector that
defines the course of a ridge or valley. Spatial frequency defines the
direction of the finger. To determine spatial frequency, algorithms
usually uses the minutia direction as input information (Bigun, 2015).
A recent study by Iancu and Constantinescu (2013), used a fuzzy
J.S. Arteaga-Falconi et al.
logic control system for matching. They used “Atanassov’s intuitionistic
fuzzy sets” to determine the number of minutiae that are required for a
match. They tested their algorithm with 89 users and attained an ac-
curacy of 98.08%. Another study Cao et al. (2012) used the Ant Colony
Optimization (ACO) scheme to find correspondence between minutiae.
ACO builds a correspondence graph of a promising solution based on
the most prominent features. Ants use this graph to find all minutiae
correspondences. They test their algorithm with 800 fingerprints, 100
fingers with eight images of each finger and report an Equal Error Rate
(EER) of 2.79%. A third study Tan and Bhanu (2006) used a genetic
algorithm (GA) for matching. They considered the starting population
to be the stored template(s) and used the input fingerprint to calculate
the fitness. The GA launches an iterative process that produces a new
generation from the previous one through selection, crossover and
mutation. The GA finishes when it reaches a point where there is no
change in the fitness values for a number of generations. If the fitness
value is greater than a threshold, there is a match. They tested with
2000 pairs of fingerprints and according to the ROC curve; they obtain a
FAR of 0.05% and a TAR of approximately 84%. A fourth study Kovacs-
Vajna (2000) divided the input fingerprint image into squares and each
square into two triangles. They adjusted the orientation of the triangles
in the stored template(s) and the input to minimize distortion. Then,
they proceeded with a minutiae match. They evaluated the algorithm
with 2000 pair of images and reported a TAR of 85% with a FAR of
0.05%.
For over a decade, the National Institute of Standards and
Technology (NIST) has been working together with the FBI on devel-
oping a biometric software application called the National Background
Investigation System (NBIS) (Watson et al., 2008). They constantly
improve and test the software application on a database of over
40,000,000 fingerprints. In 2015, they released the latest stable version
5.0.0, which is open source and publicly available (access is restricted
in some countries). The software has independent modules, including
the feature extractor and matcher module. The feature extractor
module uses minutiae features collected using the MINDTCT algorithm
(Watson et al., 2008). The matcher module uses the BOZOSRTH3 al-
gorithm (Watson et al., 2008). Maddala, Tangellapally, Bartůněk, and
Nilsson (2011) evaluated the NBIS with 100 fingerprints and 8 images
of each fingerprint. According to its Detection Error Trade-off (DET)
graph, they reported an EER of approximately 0.4%.
2.1.2. ECG biometrics
An ECG displays the electrical activity of the heart. To obtain an
ECG record, a sensor collects, amplifies and filters an electrical signal
obtained through electrodes in contact with the human body. These
electrodes are placed in specific arrangements called virtual vectors or
leads (Goldberger, 2012). There are 12 lead configurations. Lead-I re-
quires only two electrodes placed on the chest, arms, or hands. ECG is a
unique signal for every person due to the variation in heart mass, or-
ientation, gender, conductivity, and order of activation of the cardiac
muscles (Hoekema, Uijen, & Oosterom, 2001; Van Oosterom, Hoekema,
& Uijen, 2000). This characteristic makes ECG biometrics possible
(Chan et al., 2008).
To the best of our knowledge, Biel et al. (2001) presented the first
approach for ECG biometrics. They extracted time-, amplitude- and
slope-based features for classification. They concluded that it is possible
to identify a person using ECG. They also concluded that three elec-
trodes are enough for ECG authentication. In another study, Agrafioti
and Hatzinakos (2008) used linear discriminant analysis for filtering
before matching, then calculated the Euclidean distance and applied a
threshold to determine authenticity. They evaluated the algorithm with
an ECG database of 27 subjects and a signal length of 2530 s. They
reported an EER of 0.6%. Chiu, Chuang, and Hsu (2008) applied Haar
wavelet transformation to the ECG signal and used the obtained coef-
ficients as ECG features. They calculated the Euclidean distances be-
tween the template and the input fingerprint features for matching.
276
Sustainable Cities and Society 40 (2018) 274–283
They evaluated the algorithm with two ECG datasets from 25 and 45
subjects; each record was 2 min long. They reported an EER of 0.83% to
0.86%. Molina, Bruekers, Presura, Damstra, and van der Veen (2007)
extracted features based on the fiducial points. They calculated a score
for the features in the stored template and input template. To perform
authentication, they applied a threshold to the score. For the evalua-
tion, they used ECG records 5 min in length from 10 subjects and ob-
tained an EER of 2%. Lourenço, Silva, and Fred (2012) applied the k-
nearest neighbours (k-NN) algorithm and an SVM classifier on ECG
features to perform identification and authentication. They used 5-min
ECG records from 32 subjects. Authentication with the k-NN algorithm
achieved an EER of 9.39% while authentication with SVM scored a FAR
of 0% with a false rejection rate (FRR) of 4.55%. They found that SVM
is better than k-NN for authentication; however, for identification, they
found the k-NN algorithm to be the better method.
2.2. Multibiometrics
Biometric systems can use a combination of sensors, algorithms,
samples, instances (e.g. left and right iris) or modes (i.e., biometric
traits such as fingerprints and ECG). Such systems are said to implement
multibiometric methods (Ross, 2009).
Multibiometrics has some advantages: it enhances a unibiometric
(single biometric trait) system, reduces the probability of the system
encountering two users with the same biometric information (non-
universality characteristic) and can speed up indexing for identification
in a large-scale database. The use of multi trait can narrow down the
amount of potential matching candidates and focus the search only
among a few stored templates. In addition, multibiometrics provides
robustness under noisy environments; if one trait fails, we can use an-
other trait without disrupting the biometric process (Ross, 2009).
Fusion in a multibiometric process can occur before or after
matching (Ross, 2009). Fusion that occurs before the matching stage
can be divided into two types: sensor-level fusion (multi-sensors) and
feature-level fusion (multi-samples) (Ross, 2009). Sensor-level fusion
combines several samples of the same biometric trait from different
perspectives or take samples of the same biometrics trait with different
sensors. Feature-level fusion normalizes, transforms and reduces fea-
tures from multiple biometric algorithms. Feature-level fusion fits all
the features into the same vector space to feed a matcher and yield the
result. Fusion that occurs after the matching stage can be divided into
three categories: match score- = level fusion, rank level fusion and
decision level fusion. Match score level fusion combines the match
scores of different biometric to generate a unique match score. Rank
Level fusion narrows down the identification possibilities with one
biometric trait and confirms the identification with the second bio-
metric trait. Decision Level Fusion uses unibiometrics results (Match or
non-match) to indicate if a final match has been found.
Fusion at the decision level does not need the features or scores of
the classifiers. This is an advantage when we are combining integrating
proprietary algorithms into the biometric system. In such scenario, we
solely have access to the decision as opposed to the score (Ross, 2009).
Literature describes various fusion schemes at the decision level. Ma-
jority vote is the most used one; it returns the decision that the majority
of classifiers choose (Li & Jain, 2009). Linear weighted fusion is an
extension of the majority vote. It assigns a weight to the matchers based
on their performances (Li & Jain, 2009). Atrey, Hossain, El Saddik, and
Kankanhalli (2010) point out that weight assignment is the major
drawback of linear weighted fusion. Behavior Knowledge Space is a
statistical fusing rule that calculates the probability of a decision (match
or non-match) based on the combination of results from the individual
matchers. The decision with higher probability in a specific combina-
tion of results is the final decision for the multimodal biometric (Li &
Jain, 2009). This technique performs effectively for multi-class (deci-
sions and matchers) problems where large datasets are available for
training (Raudys & Roli, 2003).
J.S. Arteaga-Falconi et al. Sustainable Cities and Society 40 (2018) 274–283

2.3. Bimodal biometrics using fingerprint and ECG

While research on bimodal or multimodal biometrics is vast, little

research currently exist on the combination of ECG and Fingerprint
biometrics, possible due to ECG as a relative new topic in biometrics.
Manjunathswamy et al. (2015) used ECG and fingerprint in a bi-
modal biometric system. They combined the features from ECG and
fingerprint and authenticated or identified a subject when 11 out of the
14 features was above a threshold of 75%. They obtained an FRR of 0%
with a FAR of 2.5%. However, they collected ECG and fingerprint data
separately and provided no information on the number of users in the
study. They perform fusion at the feature level. They extract 12 ECG
features and 2 fingerprint features. They set a threshold of 75% on all
these features. The algorithm reaches a match when 11 out of the 14
features pass the threshold.
Singh and Singh (2012) presented a study that shows the feasibility
of using ECG as a biometric. In the same study, they evaluated a bi- Fig. 2. Unibiometric ECG Authentication Diagram.
modal biometric system that used ECG and fingerprint traits on 73
subjects. They collect ECG and fingerprint data separately: the ECG (Arteaga-Falconi et al., 2016) is possible, SVM based matching for the
records are obtained from the Physionet database (Goldberger et al., ECG features is advantageous in a multibiometric context because it
2000a, 2000b) and the fingerprints were collected from NIST-BSSR1 eliminates the thresholds associated with the ECG biometric method.
(National Institute of Standard and Technology, 2011). The NIST- Furthermore, we evaluate the matcher from our previous work with the
BSSR1 database does not provide fingerprint data; instead, it provides one using SVM in Section 4.2.
matching scores from the NIST Bozorth3 matcher. To perform fusion, In accordance with Arteaga et al. (Arteaga-Falconi et al., 2016), we
they applied a score transformation using a weighted sum rule, and use 4-s long signals for the ECG authentication. Such a signal length
then, they used a threshold for matching. They reported an EER of typically includes several complete heartbeats. The number of heart-
1.52%. beats depends on the heart rate of the subject during signal collection.
Fig. 2 shows our ECG biometric method which consisted of the fol-
2.4. Summary lowing steps:

Previous studies have shown that the ECG trait can be used as
biometric (Agrafioti & Hatzinakos, 2008; Biel et al., 2001; Chiu et al.,
2008; Molina et al., 2007). ECG biometric methods do not reach the
performance level of fingerprint approaches if the ECG signal length is
kept short. Nevertheless, ECG features are more difficult to spoof.
Related works presented in this section confirm that multibiometric
systems can perform better than unibiometric ones. Although the lit-
erature is quite limited on bimodal biometric approaches that combine
ECG and fingerprint biometrics, we believe these methods produce
promising results.
In this study, we present an ECG and Fingerprint bimodal biometric
authentication algorithm. We fuse the biometric results at the decision
level and evaluate the system using data obtained from public datasets.
3. Design of ECG and fingerprint bimodal algorithm
1. Detect the fiducial points (i.e., QRS complex, LP & TP valleys and P
& T peaks) from each heartbeat in the ECG signal;
2. Extract each complete heartbeat from the signal and align it around
a reference point, (in this case the R peak) (Fig. 3).
3. Normalize each ECG heartbeat to eliminate disparities caused by
heart rate variations by dividing each feature by the total length of a
heartbeat (Israel et al., 2005);
4. Extract the ECG features as previously described (Arteaga-Falconi
et al., 2016) (Fig. 4) to obtain eight features that represent the
distance in time between peaks and valleys and amplitudes dis-
tances;
5. Generate the template, a set of all features extracted in step 4, ne-
cessary for enrollment or authentication;
6. If the system is enrolling a user, the template from step 5 is stored in
a database or memory. If the system is authenticating a user, the

In this section, we describe our ECG and fingerprint authentication

approaches and the fusion mechanism used for the bimodal algorithm.

3.1. Fingerprint and ECG biometric algorithms

For the fingerprint biometric method, we use the MINDTCT algo-

rithm as the minutiae extractor and the BOZORTH3 algorithm as the
minutiae matcher (Watson et al., 2008). The latter algorithm will
output a score reflecting the match level between the input and stored
template(s).
The ECG process employed in this work is adapted from our pre-
vious work (Arteaga-Falconi et al., 2016). However, we have replaced
the matcher module to account for the bimodal nature of the current
system. Therefore, we propose a matcher that uses an SVM classifier
with an RBF radial basis function kernel. Our previous work (Arteaga-
Falconi et al., 2016) presented a unibiometric approach that requires
associating each feature with a threshold. Therefore, such approach
entails a tedious search for the optimal combination of all thresholds. A
multi-biometric system further exacerbates this issue by increasing the
number of thresholds. Hence, although using the matcher from Fig. 3. ECG Heartbeat Alignment (Arteaga-Falconi et al., 2016).

277
J.S. Arteaga-Falconi et al.
Fig. 4. Features Extracted From ECG (Arteaga-Falconi et al., 2016).
template is fed to the ECG matcher that then compares it with the
stored template. The SVM classifier running within the matcher
produces a binary result of match or non-match. SVM sets a
boundary around the N-dimensional training set data points col-
lected during enrollment (where N corresponds to the number of
features). The algorithm considers any input template that corre-
sponds to a data point (N-dimensional space) within the boundary to
be a match; otherwise, it is a non-match.
Because this work focuses on authentication, we want to determine
if certain biometric features correspond to a genuine user (one on one
match). Therefore, we train the SVM classifier on a single class since we
only collect data for genuine users during enrollment; we cannot obtain
data for all the possible impostors. Hence, we solve the classification
problem with a one-class SVM classifier.
The arrangements of features in the SVM space makes it difficult to
accurately classify them with a linear kernel or polynomial kernel. In
our preliminary tests, we considered using the linear kernel, polynomial
kernel and Radial Basis Function (RBF/Gaussian) kernel. The RBF
kernel performed better for our ECG authentication approach. We are
using time and amplitude ECG features that result in an SVM space
where the RBF kernel produces a boundary that does not seem to under
or over fit the training set.
The RBF kernel that we use is:
2
K (x , xi) = e− x − xi
where, x is the feature vector stored in the template and xi is the feature
vector corresponding to a user attempting authentication. We place the
kernel (Eq. (1)) in the general SVM classifier equation to obtain Eq. (2):
n we only have two classes (i.e. genuine and impostor) with two
f (x ) = sgn ⎛∑ αi e− x − xi 2 − ρ⎞
⎝ i=1 ⎠ (2)
where αi is the Lagrange multipliers (calculated when solving the
minimization formulation of SVM); ρ is a soft margin parameter that
controls how wide is the classification margin.
The SVM classifier in Eq. (2) provides a matching result based on
the features extracted at the input and the features stored in the data-
base. The system sends the result to the bimodal authentication algo-
rithm to perform fusion at the decision level.
Sustainable Cities and Society 40 (2018) 274–283
Fig. 5. Bimodal Authentication Algorithm.
3.2. Bimodal authentication algorithm
The bimodal authentication algorithm uses two independent uni-
biometric results and fuses them to reach a final decision on authenti-
cation (Fig. 5). We employed a decision-level fusion scheme because the
matchers of unibiometric methods produce two types of results: a
binary output for ECG and a score for the Fingerprint. As we explained
in Section 3.1, the ECG matcher uses an SVM classifier to perform au-
thentication. Rather than calculating a match score; the SVM classifier
produces a binary result: a match or a non-match. The Fingerprint
matcher returns a score that measures the similarity between the stored
and input templates. To fuse at the score level, both matchers need to
provide score values. However, because ECG-SVM only provides a
binary value, we could not combine these results at the score level.
Instead, these results could only be fused at the decision level, which
requires compatible results from the matchers. Hence, we converted the
fingerprint score value into binary results using a threshold (any score
above the threshold, is a match; otherwise, it is a non-match).
Fig. 6 illustrates the mechanism of decision-level fusion, which can
achieved using two alternative approaches:
• Fusion Method A: Use the fingerprint results first and the ECG re-
sults second.
• Fusion Method B: Use the ECG results first and the fingerprint results
second.
(1)
We evaluate these two approaches in Section 4.3 to identify which
one produces the lowest EER.
Fig. 6 represents our approach. We adopt this approach because
other decision level fusion schemes are not applicable for the proposed
algorithm. For instance, the majority votes technique is unfeasible since
matchers. In the case of a tie, the algorithm would not be able to render
a final decision. A linear weighted fusion scheme is also not applicable,
as we need to assign a weight for each classifier that corresponds to its
performance. To measure the performance we need to calculate weights
based on the results of the fusion. Section 2.2 describes that weight
calculation is the major drawback on this scheme. In this study, we do
not have a suitable number of matchers (i.e., ECG-SVM and Fingerprint)
or classes (i.e., match or non-match) to calculate an appropriate weight.
Similarly, Behavior Knowledge Space requires a large number of classes
and datasets to work properly. In this work we have two classes (match
or non − match), this is a limitation in applying Behavior Knowledge
278
J.S. Arteaga-Falconi et al. Sustainable Cities and Society 40 (2018) 274–283

Fig. 6. Bimodal Decision Level Fusion. a) Fusion Method A. b) Fusion Method B.

Space. each time we enroll a subject, we evaluate their fingerprint image

4. Evaluation
We evaluate the proposed algorithm in four stages. In the first stage,
we evaluate the MINDTCT minutiae extractor and BOZORTH3 finger-
print matching algorithm (Watson et al., 2008) with the same finger-
print images used to evaluate the bimodal authentication algorithm. In
the second stage, we compare our previous ECG-Threshold matcher
(ECG matching method described by Arteaga-Falconi et al., 2016) with
the ECG-SVM matcher (ECG matching through an SVM classifier, pre-
viously described in Section 3.1). In the third stage, we identify the best
fusion method for the bimodal authentication. Finally, in the fourth
stage, we compare our algorithm to existing approaches.
Biometric authentication systems have several operating points
pertaining to the threshold(s) of the biometric matcher. Each operating
point represents a trade-off between errors; an operating point that
decreases the FAR also typically reduces the TAR. A low TAR results in
a higher False Rejection Rate (FRR) (FRR = 1 − TAR) as more genuine
users are rejected. Conversely, if the operating point produces a lower
FRR, less genuine users will be rejected, but more impostors will be
accepted. An effective biometric system should minimize the FAR and
FRR. DET graphs displays the relationship between FAR and FRR to
allow us to choose the best operating point (Martin, Doddington,
Kamm, Ordowski, & Przybocki, 1997). Hence, to compare biometric
matchers, we can find the DET point where FAR is equal to FRR. We call
this DET point the Equal Error Rate (EER). Hence, in this section,
whenever possible, we will use the EER metric to assess the effective-
ness of the biometric matcher.
against that of 1 genuine subject and 72 impostors. We repeated this
process with each new subject until we complete the enrollment of all
subjects. Each evaluation yielded a score and we applied a threshold to
the score to obtain a matching decision. We evaluate a range of
thresholds that goes from 0 to 100 in steps of 1. We plotted these results
in a DET graph (Fig. 7).
The evaluation of the unibiometric fingerprint system produces a
FAR of 1.05% and FRR of 1.37%. We use the approach presented by
Jain, Ross, and Nandakumar (2011) to obtain an approximate EER of
1.18%.
4.2. ECG with SVM evaluation
We compared this proposed ECG-SVM matcher with our previous
ECG-Threshold matcher using 4 Physionet databases (Goldberger et al.,
2000a, 2000b): MIT-BIH Arrhythmia Database (Moody & Mark, 2001),
MIT-BIH Normal Sinus Rhythm Database (Goldberger et al., 2000a,
2000b), European ST-T Database (Taddei et al., 1992) and QT Database
(Laguna, Mark, Goldberg, & Moody, 1997). For this evaluation, we
randomly selected a total of 73 ECG records from the databases. We
divided the signal of each subject into seven fragments of data: the first

4.1. Fingerprint evaluation

We used fingerprint images from 73 subjects in the DB1 category of

the FVC2006 database (Cappelli, Ferrara, Franco, & Maltoni, 2007).
Each subject has 7 images, consisting of 1 image for enrollment and 6
images for authentication. These images were extracted using an elec-
tric field sensor (AuthenTec) (Cappelli et al., 2007). The size of each
image is 96 × 96 pixels with a resolution of 250 dots per inch (dpi). The
purpose of this evaluation was to assess the performance of the fin-
gerprint authentication algorithm. Later in Section 4.3, we combine this
data with ECG data to evaluate the bimodal authentication algorithm.
We will use the results of this evaluation to compare the performance of
the state of the art unibiometric fingerprint method with the proposed
bimodal biometric technique.
We ran the evaluation in a batch mode, enrolling the subjects one by
one and evaluating them against all non-enrolled subjects. Therefore, Fig. 7. Direct Error Trade-off (DET) Graph For Fingerprint Performance.

279
J.S. Arteaga-Falconi et al.
Fig. 8. DET Approximation for ECG-Threshold Algorithm.
fragment was 60 s in length and was used for enrollment and the six
remaining fragments were 4 s in length and were used for authentica-
tion. Each fragment corresponded to a random portion of the ECG re-
cord. We did not set a threshold for evaluation because ECG-SVM yields
a matching result (genuine or impostor) and not a score; therefore, we
only had one operating point and do not generate a DET graph. We
measure the number of true positives (TP) and false positives (FP) to
calculate the TAR and FAR.
We evaluated the best performing algorithm by measuring the TAR
when both algorithms had the same FAR value. The ECG-Threshold
matcher (Arteaga-Falconi et al., 2016) reported a TAR of 84.93% with a
FAR of 1.29%. The ECG-SVM matcher only has one operating point,
therefore the TAR and FAR cannot be calibrated. The ECG – Threshold
matcher has several operating points (see Fig. 8), therefore we can
adjust the thresholds of this algorithm to generate a DET graph. The
DET graph for the ECG-Threshold matcher shows that a FAR of 7% has
a FRR of 4.5%. This FRR represents a TAR of 95.5%
(TAR = 100 − FRR). The ECG-SVM achieves a TAR of 100% with a FAR
of 7%. Therefore, for a FAR of 7%, the ECG-SVM performs better than
ECG-Threshold.
4.3. Bimodal algorithm evaluation
To evaluate our bimodal biometric algorithm, we used the dataset
previously described in Section 4.1 for the fingerprint images and the
dataset previously described in Section 4.2 for the ECG records. We
combine an ECG record with a fingerprint image to generate a “virtual”
subject for the bimodal authentication evaluation. Therefore, our final
database consisted of 73 subjects, where each subject had 7 ECG re-
cords and 7 fingerprint images. We use one fingerprint image with one
ECG record (60 s long) for enrollment and the other 6 ECG records (4 s
long) with the corresponding 6 fingerprint images for authentication.
We performed the evaluations with Matlab 2016a running on a
Windows 7 64 bits PC with an Intel Core i7 CPU of 2.8 GHz, 8 GB RAM
memory. We ran our experiments in a batch mode; we enrolled (with
one 60-s ECG record and one fingerprint image) all the subjects one by
one and evaluated them against the non-enrolled subjects. Therefore,
each time we enrolled only one subject we evaluated our algorithm
against 1 genuine subject and 72 impostors. We repeated the process
with each subject until we enrolled them all.
As previously defined in Section 3.2, we evaluated two fusion
schemes, fusion Method A and fusion Method B. These schemes differed
280
Sustainable Cities and Society 40 (2018) 274–283
Fig. 9. DET Graph For Bimodal Fusion Method A and Method B.
by the type of matcher (fingerprint and ECG) that was used first. As
illustrated in Fig. 6, we first evaluated Fusion Method A and second we
evaluated Fusion Method B. Because ECG uses SVM, then a threshold is
only applicable to the fingerprint method. We evaluated the bimodal
authentication algorithm for several thresholds (ranging from 0 to 100
in steps of 1) and we plotted a DET graph (Fig. 9) with the obtained
results.
In Fig. 9, we see that fusion method A performs better than fusion
method B. Fusion method A displayed a FAR of 0.47% with a FRR of
0.46%, which give us an approximate EER value of 0.46%. Method B
displayed a FAR of 6.78% with a FRR of 6.39%, which give us an ap-
proximate EER value of 6.58%. The difference between fusion method
A and fusion method B is around 6% in terms of EER. We conclude that
fusion method A is the better mechanism for bimodal authentication
using ECG and fingerprint.
Fusion method A produced better results than fusion method B since
the fingerprint algorithm uses a threshold on the score, which allows us
to maximize the TAR at the expense of the FAR. Then, the ECG algo-
rithm decreases the FAR, which results in a lower EER. This is not the
case when the ECG matcher executes before that of the fingerprint. The
ECG matcher does not have a threshold to adjust and hence the TAR
cannot be maximized by moving the threshold.
The bimodal approach is more effective than the fingerprint or ECG
biometric methods alone. In Section 4.1 we found an EER of 1.18% for
the fingerprint unibiometric scheme. Fusion method A had an EER of
0.46%; this shows an improvement of 0.72% for the EER. These results
showed that our bimodal biometric method performs 2.5 times better
than the fingerprint unibiometric approach. Moreover, in Section 4.2
we show that ECG-SVM has a FRR of 0% (FRR = 1 − TAR) with a FAR
of 7%. We cannot generate a DET graph for the ECG-SVM unibiometric
scheme because the SVM matcher returns a decision (match or non-
match) and not a score. Therefore, we examine the FAR of our bimodal
authentication method when the FRR is 0%. To do this, we use the DET
graph of the fusion method A (see Fig. 9) and we obtain a FRR of 0%
when FAR is 2.96%. These results show that our bimodal method also
performs better than the unibiometric ECG-SVM unibiometric scheme.
4.4. Comparison to existing works
In this section, we compared our proposed scheme to those of
Manjunathswamy et al. (2015) and Singh and Singh (2012). However,
Manjunathswamy et al. (2015) and Singh and Singh (2012) used
J.S. Arteaga-Falconi et al.
Fig. 10. Multimodal DET Graph: Related Works Comparison.
different databases to evaluate their algorithms. For Manjunathswamy
et al. (2015), they captured their own ECG and fingerprint dataset. This
dataset is not publicly available and the number of testing subjects is
not specified. Singh and Singh (2012) used ECG data from Physionet
and fingerprint scores from NIST-BSSR1 (National Institute of Standard
and Technology, 2011). In our work we used ECG data from the same
source as Singh and Singh (2012); however, for fingerprint we used the
FVC2006 database (Cappelli et al., 2007).
Reported evaluation conditions and datasets are different among all
three algorithms; therefore, to achieve a proper evaluation, we imple-
ment the other two algorithms and evaluate them with the same da-
tasets.
Manjunathswamy et al. (2015) described their results in terms of
FRR (0%) and FAR (2.5%). The dashed line in Fig. 10 shows the DET
curve of their algorithm with the dataset we employ to evaluate our
work. We can observe in Fig. 10 that the EER was approximately 25%.
Among the many factors a high EER value, one of them is normal-
ization. Because Manjunathswamy et al. work did not normalize the
ECG signal; changes in the heart rate would have affected the matcher
results. In contrast, our data is composed of users with different heart
rates, which affects the response of their algorithm.
The dotted line in Fig. 10 shows the DET curve for the evaluation of
multimodal algorithm by Singh and Singh (2012). Similarly, to evaluate
this algorithm we used the same datasets used in our algorithm. While
the authors reported an EER of 1.52% for their algorithm, our evalua-
tion with our data revealed that their algorithm has an EER closer to
12%. The number of features and length of ECG records are the reason
for the discrepancy between these results. They extracted 20 features
from the ECG signal. The extraction of some of these features is not
always possible. Filtration of the noise in the ECG signal can render
some fiducial points very difficult to locate; therefore, it will prevent to
extract a feature. If a feature is missed, then the whole heart beat is
discarded. This loss of information causes the EER to be higher. Another
aspect that affects the EER is the length of the ECG records that they
used. The minimum length they used for enrollment and authentication
is 3 min; some records can be as long as 12 h for enrollment and 12 h for
authentication. In contrast, our dataset consists of 60 s for enrollment
and 4 s for authentication.
Table 1 compares the characteristics of our work with that of the
previously cited works. To compare fairly and accurately the results of
all three studies, our evaluation used the same data and parameter sets.
281
Sustainable Cities and Society 40 (2018) 274–283
Table 1
Comparison of Multimodal Results.
Manjunathswamy Singh and Singh This Proposed
et al. (2015) (2012) Work
Number of ECG: 11 features ECG: 20 features ECG: 8 features
Features FP: 2 set minutiae FP: 1 set of FP: 1 set of
– 1 ridge endings minutiae (ends minutiae (ends
– 1 bifurcations and bifurcations) and bifurcations)
Level of Fusion Feature level Score level Decision level
Reported Results FRR: 0% EER: 1.52% EER: 0.46%
FAR: 2.5%
Results with EER: 25.25% EER: 12.61% EER: 0.46%
Same
Parameters
Table 1 presents the results reported by these works and the results
from our evaluation of the algorithms. We do this to present a fair
comparison. We used the following parameters for all three compared
methods: Enrollment time of 60 s; authentication time of 4 s; number of
Subjects was set to 73, fingerprint data from the FCV2006 database
(Cappelli et al., 2007), and ECG data from the Physionet database. The
physionet database contains several databases. From those we use the
European ST-T Database, the MIT-BIH Normal Sinus Rhythm Data-base,
the MIT-BIH Arrhythmia Database and the QT Database (Goldberger
et al., 2000a, 2000b). Our proposed bimodal method has an EER of
0.46%, which is lower than Singh and Singh (2012) (EER of 12.61%)
and Manjunathswamy et al. (2015) work (EER of 25.25%).
Furthermore, our approach uses decision level in contrast to the
approach by Singh and Singh (2012) which fuses with a weight sum
rule at the score level. Fusion at the decision level provides in-
dependence between the matchers (i.e., each matcher works as a uni-
biometric until fusion). An independent matcher is the one that gen-
erates a score and makes the matching decision. When fusing at the
score level, matchers are not independent because each matcher gen-
erates a score and another decision module fuses all these scores and
makes a matching decision. When fusing at the decision level, matchers
are independent and another decision module provides a final decision
(match or non-match) based on the decision results of the unibiometrics
matchers. Prabhakar and Jain (2002) found that, in a multibiometric
approach, independent matchers perform better; therefore, that is one
of the reasons that decision-level fusion improves the performance in
our multibiometric approach.
5. Conclusion
Our results shows that fingerprint biometrics perform better than
ECG biometrics; however, if we combine them in a bimodal biometric
method, we significantly improve the results of the system. The EER for
the bimodal method was 0.46%., which was is less than the 1.18% EER
of the unibiometric fingerprint. The DET graph of our bimodal bio-
metric showed a FAR of 2.96% with a TAR of 100%. These results are
better than those of the ECG-SVM unibiometric, where TAR was 100%
with a FAR of 7%. In terms of security, ECG complements fingerprint
vulnerability of leaving marks behind. With fingerprints, a hacker can
lift marks left behind and gain access to the biometric system. However,
the task of hacking the system becomes more difficult with the addition
of ECG. A hacker cannot easily take an ECG record without prior
knowledge of the subject. In addition, ECG requires a user to be alive, a
quality that provides a new dimension of security to the fingerprint
biometrics. This bimodal biometric system is a solution for improving
the security in the interaction between things and users. This approach
provides a secure replacement of password management for users in-
teracting with IoT for smart cities. Users would no longer need to
concern with memory taxing about their passwords. Smart cities data
collection can be more accurate since there is a reduced risk of im-
postors to use unauthorized IoT devices. While this work focused on
J.S. Arteaga-Falconi et al.
improving an ECG – Fingerprint bimodal authentication algorithm, the
topics of security and privacy regarding storage and usage of biometric
data are important and should be properly studied in a specialized
work. For future work, we aim to apply the proposed bimodal algorithm
to specific applications and further introduce other biometric traits to
our multibiometric approach.
Acknowledgments
We would like to thank the Ecuadorian Government for financially
support Juan Arteaga-Falconi under the SENESCYT graduate scholar-
ship program.
References
Agrafioti, F., & Hatzinakos, D. (2008). ECG based recognition using second order statis-
tics. 6th annual communication networks and services research conference (cnsr 2008),
82–87. http://dx.doi.org/10.1109/CNSR.2008.38.
Arteaga-Falconi, J. S., Al Osman, H., & El Saddik, A. (2016). ECG authentication for
mobile devices. IEEE Transactions on Instrumentation and Measurement, 65(3),
591–600. http://dx.doi.org/10.1109/TIM.;1;2015.2503863.
Atrey, P. K., Hossain, M. A., El Saddik, A., & Kankanhalli, M. S. (2010). Multimodal fusion
for multimedia analysis: A survey. Multimedia Systems, 16(6), 345–379. http://dx.doi.
org/10.1007/s00530-010-0182-0.
Biel, L., Pettersson, O., Philipson, L., & Wide, P. (2001). ECG analysis: A new approach in
human identification. Instrumentation and Measurement, IEEE Transactions on, 50(3),
808–812.
Bigun, J. (2015). Fingerprint features. In S. Z. Li, & A. K. Jain (Eds.). Encyclopedia of
biometrics (pp. 609–619). Boston, MA: Springer US. http://dx.doi.org/10.1007/978-
1-4899-7488-4_50.
Cao, K., Yang, X., Chen, X., Zang, Y., Liang, J., & Tian, J. (2012). A novel ant colony
optimization algorithm for large-distorted fingerprint matching. Pattern Recognition,
45(1), 151–161. http://dx.doi.org/10.1016/j.patcog.2011.04.016.
Cappelli, R., Ferrara, M., Franco, A., & Maltoni, D. (2007). Fingerprint verification
competition 2006. Biometric Technology Today, 15(7–8), 7–9. http://dx.doi.org/10.
1016/S0969-4765(07)70140-6.
Chan, A. D. C., Hamdy, M. M., Badre, A., & Badee, V. (2008). Wavelet distance measure
for person identification using electrocardiograms instrumentation and measure-
ment. IEEE Transactions on, 57(2), 248–253.
Chiu, C. C., Chuang, C. M., & Hsu, C. Y. (2008). A novel personal identity verification
approach using a discrete wavelet transform of the ECG signal. 2008 international
conference on multimedia and ubiquitous engineering (mue 2008), 201–206. http://dx.
doi.org/10.1109/MUE.2008.67.
Clark, G. D., & Lindqvist, J. (2015). Engineering gesture-based authentication systems.
IEEE Pervasive Computing, 14(01), 18–25.
Derawi, M. O., Nickel, C., Bours, P., & Busch, C. (2010). Unobtrusive user-authentication
on mobile phones using biometric gait recognition. Intelligent information hiding and
multimedia signal processing (IIH-MSP), 2010 sixth international conference on,
306–311.
Espinoza, M., Champod, C., & Margot, P. (2011). Vulnerabilities of fingerprint reader to
fake fingerprints attacks. Forensic Science International, 204(1–3), 41–49.
Goldberger, A. L., Amaral, L. A. N., Glass, L., Hausdorff, J. M., Ivanov, P. C., Mark, R. G.,
... Stanley, H. E. (2000a). PhysioBank, PhysioToolkit, and PhysioNet. Circulation,
101(23), e215 LP–e220 LP [Retrieved from http://circ.ahajournals.org/content/101/
23/e215. abstract].
Goldberger, A. L., Amaral, L. A. N., Glass, L., Hausdorff, J. M., Ivanov, P. C., Mark, R. G.,
... Stanley, H. E. (2000b). PhysioBank, PhysioToolkit, and PhysioNet: Components of
a new research resource for complex physiologic signals. Circulation, 101(23),
e215–e220. http://dx.doi.org/10.1161/01.CIR.101.23. e215.
Goldberger, A. L. (2012). Clinical electrocardiography: A simplified approach (8th ed.).
Mosby Elsevier.
Guillen, E., Alfonso, L., Martinez, K., & Mejia, M. (2012). Vulnerabilities and performance
analysis over fingerprint biometric authentication network. Proceedings of the world
congress on engineering and computer science, Vol. II, 1–6. [Retrieved from] http://
www.iaeng.org/publication/WCECS2012/WCECS2012_pp 908-913.pdf.
Guo, Z., Karimian, N., Tehranipoor, M. M., & Forte, D. (2016). Hardware security meets
biometrics for the age of IoT. 2016 IEEE international symposium on circuits and systems
(ISCAS), 1318–1321. http://dx.doi.org/10.1109/ISCAS.2016.7527491.
Ho Cho, D., Park, K. R., Rhee, D. W., Kim, Y., & Yang, J. (2006). Pupil and iris localization
for iris recognition in mobile phones. Software engineering, artificial intelligence, net-
working, and parallel/distributed computing, 2006. SNPD 2006. Seventh ACIS interna-
tional conference on, 197–201.
Hoekema, R., Uijen, G. J. H., & Oosterom, A. V. (2001). Geometrical aspects of the in-
terindividual variability of multilead ECG recordings. Biomedical Engineering, IEEE
Transactions on, 48(5), 551–559.
Iancu, I., & Constantinescu, N. (2013). Intuitionistic fuzzy system for fingerprints au-
thentication. Applied Soft Computing, 13(4), 2136–2142. http://dx.doi.org/10.1016/j.
asoc.2012.11.001.
Israel, S. A., Irvine, J. M., Cheng, A., Wiederhold, M. D., & Wiederhold, B. K. (2005). ECG
to identify individuals. Pattern Recognition, 38(1), 133–142. Retrieved from http://
www.sciencedirect.com/science/article/pii/S0031320304002419.
282
Sustainable Cities and Society 40 (2018) 274–283
Jain, A. K., Ross, A., & Prabhakar, S. (2004). An introduction to biometric recognition.
IEEE Transactions on Circuits and Systems for Video Technology, 14(1), 4–20. http://dx.
doi.org/10.1109/TCSVT.2003.818349.
Jain, A. K., Ross, A., & Pankanti, S. (2006). Biometrics: A tool for information security.
IEEE Transactions on Information Forensics and Security, 1(2), 125–143. http://dx.doi.
org/10.1109/TIFS.2006.873653.
Jain, A. K., Ross, A. A., & Nandakumar, K. (2011). Introduction. Introduction to biometrics.
Boston, MA: Springer US1–49. http://dx.doi.org/10.1007/978-0-387-77326-1_1.
Kovacs-Vajna, Z. M. (2000). A fingerprint verification system based on triangular
matching and dynamic time warping. IEEE Transactions on Pattern Analysis and
Machine Intelligence, 22(11), 1266–1276. http://dx.doi.org/10.1109/34.888711.
Laguna, P., Mark, R. G., Goldberg, A., & Moody, G. B. (1997). A database for evaluation of
algorithms for measurement of QT and other waveform intervals in the ECG.
Computers in cardiology 1997, 673–676.
Multiple classifiers. In S. Z. Li, & A. Jain (Eds.). Encyclopedia of biometricsBoston, MA:
Springer US. http://dx.doi.org/10.1007/978-0-387-73003-5_2344 p. 986.
Lourenço, A., Silva, H., & Fred, A. (2012). ECG-based biometrics: A real time classification
approach. 2012 IEEE international workshop on machine learning for signal processing,
1–6. http://dx.doi.org/10.1109/MLSP.2012.6349735.
Maddala, S., Tangellapally, S. R., Bartůněk, J. S., & Nilsson, M. (2011). Implementation
and evaluation of NIST Biometric Image Software for fingerprint recognition. ISSNIP
biosignals and biorobotics conference 2011, 1–5. http://dx.doi.org/10.1109/BRC.2011.
5740672.
Maltoni, D. (2015). Fingerprint recognition, overview. In S. Z. Li, & A. K. Jain (Eds.).
Encyclopedia of biometrics (pp. 664–668). Boston, MA: Springer US. http://dx.doi.org/
10.1007/978-1-4899-7488-4_47.
Manjunathswamy, E., Abhishek, A. M., Thriveni, J., Venugopal, R., & Patnaik, L. (2015).
Multimodal biometric authentication using ECG and fingerprint. International Journal
of Computer Applications, 111(13), 33–39.
Markowitz, J. A. (2000). Voice biometrics. Communications of the ACM, 43(9), 66–73.
http://dx.doi.org/10.1145/348941.348995.
Martin, A., Doddington, G., Kamm, T., Ordowski, M., & Przybocki, M. (1997). The DET
curve in assessment of detection task performance.
Molina, G. G., Bruekers, F., Presura, C., Damstra, M., & van der Veen, M. (2007).
Morphological synthesis of ECG signals for person authentication. 2007 15th
European signal processing conference, 738–742.
Moody, G. B., & Mark, R. G. (2001). The impact of the MIT-BIH arrhythmia database.
Engineering in Medicine and Biology Magazine, IEEE, 20(3), 45–50.
National Institute of Standard and Technology (2011). Biometric score set. Retrieved from
http://www.itl.nist.gov/iad/894.03/biometricscores/.
National Research Council (2003). In S. T. Kent, & L. I. Millett (Eds.). Who goes there?
Authentication through the lens of privacyWashington, DC: The National Academies
Press. http://dx.doi.org/10.17226/10656.
Phillips, P. J., Martin, A., Wilson, C. L., & Przybocki, M. (2000). An introduction evalu-
ating biometric systems. Computer, 33(2), 56–63.
Ponemon Institute (2012). Visual privacy productivity study.
Prabhakar, S., & Jain, A. K. (2002). Decision-level fusion in fingerprint verification.
Pattern Recognition, 35(4), 861–874. http://dx.doi.org/10.1016/S0031-3203(01)
00103-0.
Raudys, Š., & Roli, F. (2003). The behavior knowledge space fusion method: Analysis of
generalization error and strategies for performance improvement. In T. Windeatt, &
F. Roli (Eds.). Multiple classifier systems: 4th international workshop, MCS 2003
Guildford, UK, June 11–13, 2003 proceedings (pp. 55–64). Berlin, Heidelberg: Springer
Berlin Heidelberg. http://dx.doi.org/10.1007/3-540-44938-8_6.
Ross, A., & Jain, A. K. (2015). Biometrics, overview. In S. Z. Li, & A. K. Jain (Eds.).
Encyclopedia of biometrics (pp. 289–294). Boston, MA: Springer US. http://dx.doi.org/
10.1007/978-1-4899-7488-4_182.
Ross, A. (2009). Multibiometrics. In S. Z. Li, & A. Jain (Eds.). Encyclopedia of biometrics
(pp. 967–973). Boston, MA: Springer US. http://dx.doi.org/10.1007/978-0-387-
73003-5_147.
Scotti, F., & Piuri, V. (2010). Adaptive reflection detection and location in iris biometric
images by using computational intelligence techniques Instrumentation and
Measurement. IEEE Transactions on, 59(7), 1825–1833.
Singh, Y. N., & Singh, S. K. (2012). Evaluation of electrocardiogram for biometric au-
thentication. Journal of Information Security, 3(1), 39–48.
Singh, Y. N., & Singh, S. K. A. (2013). Identifying individuals using eigenbeat features of
electrocardiogram. Journal of Engineering, 2013(539284), 8.
Taddei, A., Distante, G., Emdin, M., Pisani, P., Moody, G. B., Zeelenberg, C., & Marchesi,
C. (1992). The European ST-T database: Standard for evaluating systems for the
analysis of ST-T changes in ambulatory electrocardiography. European Heart Journal,
13(9), 1164–1172 [Retrieved from http://eurheartj.oxfordjournals.org/content/13/
9/1164. abstract].
Tan, X., & Bhanu, B. (2006). Fingerprint matching by genetic algorithms. Pattern
Recognition, 39(3), 465–477. http://dx.doi.org/10.1016/j.patcog.2005.09.005.
US Department of State (2002). Safety & security of U.S. borders biometrics. Retrieved from
https://travel.state.gov/content/visas/en/general/border-biometrics.html.
Van Oosterom, A., Hoekema, R., & Uijen, G. J. (2000). Geometrical factors affecting the
interindividual variability of the ECG and the VCG. Journal of Electrocardiology, 33,
219–227.
Wübbeler, G., Stavridis, M., Kreiseler, D., Bousseljot, R.-D., & Elster, C. (2007).
Verification of humans using the electrocardiogram. Pattern Recognition Letters,
28(10), 1172–1175. Retrieved from http://www.sciencedirect.com/science/article/
pii/S0167865507000463.
Wang, S., & Liu, J. (2011). Biometrics on mobile phone. In D. J. Yang (Ed.). Recent ap-
plications in biometrics (pp. 3–22). InTech.
Watson, C. I., Garris, M. D., Tabassi, E., Wilson, C. L., McCabe, R. M., Janet, S., & Ko, K.
J.S. Arteaga-Falconi et al.
(2008). User’s guide to NIST biometric image software (NBIS). National Institute of
Standards and Technology: National Institute of Standards and Technologyhttp://dx.
doi.org/10.1111/j.1468-0297.2006.01074.x.
Wayman, J. L. (2015). Biometric verification/identification/authentication/recognition:
The terminology. In S. Z. Li, & A. K. Jain (Eds.). Encyclopedia of biometrics (pp. 263–
268). Boston, MA: Springer US. http://dx.doi.org/10.1007/978-1-4899-7488-4_206.
283
Sustainable Cities and Society 40 (2018) 274–283
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues
in internet-of-things. IEEE Internet of Things Journal, 4(5), 1250–1258. http://dx.doi.
org/10.1109/JIOT.;1;2017.2694844.
Yoon, S., Feng, J., & Jain, A. K. (2012). Altered fingerprints: Analysis and detection. IEEE
Transactions on Pattern Analysis and Machine Intelligence, 34(3), 451–464. http://dx.
doi.org/10.1109/TPAMI.2011.161.