The widespread use of biometrics to authenticate the person’s identity has raised security and privacy concerns for the stored biometric templates. These templates once compromised cannot be reissued like the traditional passwords. Therefore, there is a great need to embed template security in biometric authentication systems. To address this, the paper suggests a privacy-preserving secure multimodal biometric authentication system using cancellable biometric template with Homomorphic Encryption (HE) to provide protection to user identity on both the storage and matching stages of authentication. Biometric traits such as fingerprint, palmprint and finger vein undergo feature extraction before the application of one-way hashed function on permuted template, thereby ensuring non-invertible transformation with the templates being revocable and non-linkable. The encrypted and fused transformed biometric characteristics then get compared in the encrypted domain. A template revocability experiment was carried out to test extensively the security and reliability, in which it has been observed that regenerated templates are unlinkable. Also, a pilot implementation of the system was used to perform penetration testing, which gave the impression of different adversarial attacks. The biometric standard measures were used to assess the performance of the system which recorded a Genuine Acceptance Rate (GAR) of 98.67%, False Acceptance Rate (FAR) of 0.8%, False Rejection Rate (FRR) of 1.33% and Equal Error Rate (EER) of 1.065%. These findings affirm the effectiveness of the suggested framework at delivering an excellent recognition accuracy, acceptable privacy and resistance against attacks, which qualifies it as an optimal security biometric authentication scheme in the real life.
