FINGERPRINT BASED EMAIL SECURITY

The security issues and vulnerabilities which are directly or indirectly depending on fingerprint verification system architecture can be illustrated in Figure 8. These ten vulnerability points can be used in several parts to attack fingerprint systems directly or indirectly. At the first point, the vulnerability belongs to Fingerprint sensor in which it causes some security issues. The possibility of making fake fingerprints or a person's finger is being modified in several ways by cutting fingerprints, and fingerprint uniqueness even in twins are first vulnerability points which arose direct attacks. Accessing a system illegally is possible by producing copy versions of fingerprints. The rest points in Figure 8 are vulnerable to indirect attacks. Points 2, 4, 5, 7, and 9 are regarded as communication channel weaknesses which can be exploited to implement an attack in processing images, adding and reading extracted features from database server and presenting a fake matching score for accepting or rejecting person’s fingerprint.

From years ago up to now, the cryptography algorithms whether symmetric or asymmetric, have been used for encryption and digital signature purposes. Most of email websites are using cryptography techniques for their CA certificates issued by a Trusted Third Party (TTP) along with SHA-1 and MD5 fingerprints. Though all of these attributes added in emailing procedures are trying to fulfill the security properties such as confidentiality, integrity, availability, origin authentication, and non-repudiation, they still lack non-repudiation security property. In information security era, all researchers are trying to provide new methods to omit existing vulnerabilities, which attackers are using to implement an attack. Emails such as scams, spams, and spoofing are dramatically increasing these days and nothing can stop them though there are anti spammers and anti viruses to mitigate critical threats. All of mail boxes are relying on a simple password that users are trying to keep it as simple as they can, because they need to remember so many pas....Biometric techniques and devices are developing rapidly and are mostly being used in passports, ATMs, and daily operations. For what reason biometric properties which are not being forgotten (passwords) or stolen (tokens) are not being used for email communications?