Implementing Fingerprint Authentication in Computer-Based ...

Nigerian Journal of TechnologyVol. 40, No. 2, 2021, 2021, pp. 284–291.

www.nijotech.com

Print ISSN: 0331-8443Electronic ISSN: 2467-8821

http://dx.doi.org/10.4314/njt.v40i2.14

Implementing Fingerprint Authentication inComputer-Based Tests

A. E. Evwiekpaefea,∗, V. O. EyinlabaDepartment of Computer Science, Nigerian Defence Academy, Kaduna State, NIGERIA.

bCenter for Information and Communication Technology, Air Force Institute of Technology, Kaduna State,NIGERIA.

AbstractThe use of computers to conduct examinations is more effective than traditional paper-based examinations interms of immediate availability of results and long term cost effectiveness. This however is faced with identifyingand authenticating the real identities of the examinees so as to reduce impersonation. The study examined theexisting authentication method available on the Computer-based test system of Air Force Institute of Technology(AFIT), Kaduna, Nigeria and proposed the fingerprint biometric technique as an additional method to authenticatethe examinees. The fingerprint biometric authentication was developed using FlexCode SDK and implemented onDigitalPersona 4500 fingerprint reader – the recommended scanner by JAMB for fingerprint enrollment. Thesystem was developed using PHP scripting language on XAMPP local server and MySQL database system. Theresults obtained showed that there is no need for a middleware to link the authentication module with the CBTbecause of the Single Sign-On technique implemented. This result thus improved the level of authentication andaccess to the CBT. This will therefore reduce impersonation and increase the level of awareness of CBT by academicstakeholders.

Keywords: authentication, biometrics, computer-based tests, fingerprint, impersonation

1. INTRODUCTIONThe evolution of new technologies has drasti-

cally changed the mode of learning and assess-ment of students’ performance. This does not ex-clude the practice of selection of candidates formatriculation into any Nigerian tertiary institu-tion by the Joint Admissions and MatriculationsBoard (JAMB). Before the year 2015, the conductof admission selection examinations called Uni-fied Tertiary Matriculation Examination (UTME)was paper-based. The former registrar of JAMB,Prof. Dibu Ojerinde, itemized some reasons be-hind the proposal of Computer-based Tests (CBT)for the conduct of the examination [1]. These in-clude security challenges, high cost of transport-ing the examination materials and curbing exam-ination malpractices among the examinees.CBT has a number of important advantages

compared to traditional paper-based tests (PBT)such as efficiency, immediate scoring and feed-back in the case of multiple-choice question tests[2]. Also, e-examination can improve the stan-dard of student’s examination whereas the con-ventional examination system using the pen andpaper requires more effort on the part of studentsand invigilators [3].

∗Corresponding author (Tel: +234 (0)803 560 0524)Email addresses: [email protected] (A.

E. Evwiekpaefe), [email protected] (V. O. Eyinla)

Despite these advantages, CBT is not withoutits own challenges. Ensuring that examinees donot search computer directories or surf online toget answers is a challenge. In addition, guaran-teeing that examinees do not engage in examina-tion impersonation is almost impossible. Again,since the inception of e-learning, there has beena security breach as it poses various threats es-pecially when exams are held electronically (on-line). Security is one of the challenges of both tra-ditional and online-based examination systems.One way to mitigate security breach during onlineexamination is to identify, authenticate and mon-itor candidates during online examination [3].There is therefore the need to uniquely iden-

tify examinees in the course of examination un-dertaken. Over the decades, biometrics espe-cially the fingerprint biometrics has been used tosuccessfully identify and verify the unique iden-tity of individuals. However, the successful ap-plication of the fingerprint biometrics with CBTin Nigerian higher institutions has limited use.This study therefore is aimed at minimizing thechances of examinees engaging in examinationimpersonation by implementing a biometric basedauthentication system that validates the authen-ticity of the examinees during CBT examinationin AFIT. The study shall also implement a singlesign-on technique to eliminate the need for a mid-dleware.

© Faculty of Engineering, UNN, 2020.

Implementing Fingerprint Authentication in Computer-Based Tests 285

2. REVIEW OF RELATEDWORKAjinaja [4] focused on using Component-Based

software model in the development of a Com-puter based Test software. The CBT was de-veloped using both the widely accepted Water-fall Model and Reuse-oriented software processmodels. The whole implementation of the soft-ware was achieved using Source Based tech-nologies such as XAMP server, PHP, MySQL,JavaScript, Hypertext Markup Language andCascading Style Sheet as template design.Khlifi et al [5] observed that the main challenge

facing the security of e-assessment and the e-learning environment is how to authenticate stu-dents because unauthorized persons can accessand manage information. The authors proposed anovel security scheme that contributed in resolv-ing this vital issue by introducing an efficient se-cure model for supervising online evaluation in-cluding e-assessment or e-exam. The scheme ad-dressed this imperative problem by proposing anapproach that integrated available databases au-thentication technologies in conjunction with e-learning environments for controlling unethicalbehavior during e-assessment process.Alarape et al [6] study implemented a computer-

based assessment security system using biomet-ric facial data. The system was tested at FederalPolytechnic, Bida with some selected students. [7]developed a computer-based test centre using bio-metric fingerprint for verification/authenticationand tied the MAC adders of all the system to theprogram server. The system also tied the com-puters with the server through quantummechan-ics distribution (QKD) for the intranet only, toprevent intruders via intranet; building a sys-tem that will not be compromised and with de-sired confidence. The performance under test wasfound to be satisfactory when comparing Man-ual verification/authentication (average 6.6sec)to Biometric verification/authentication (average1sec).Ibrahim et al [3] addressed the issue of accuracy

in biometrics by proposing an image enhancementapproach that incorporated SecuGen fingerprintin conjunction with electronic learning environ-ments to curb unethical conducts associated withelectronic examination in a university environ-ment. Image enhancement was performed us-ing crossing number concept to extract the en-hanced images so as to improve the image qual-ity. It was coded using Java (NetBeans IDE 7.4)to implement algorithms for enhancement, minu-tiae extraction and matching processing, wherethe resulting minutiae information was used as amethod for identifying and matching fingerprints.Similarly, [8] authors improved on fingerprint en-rolment of students to grant access for the conductof e-exam.Gil et al [9] described a fingerprint identifica-

tion system (FIS) developed to be integrated inlearning management system (LMS). Hence, amiddleware is necessary to connect any LMS withtheir own FIS, which will provide them a scalable,robust, easy integration in any LMS. Ramu and

Arivoli [10] proposed a framework that providedsecurity to improve on-line examination by utiliz-ing technologies such as biometric authenticationbased Keystroke Dynamics. The paper addressedthis important problem by proposing a theoreticalframework that incorporated available biometricauthentication technologies in conjunction withKnowledge based authentication. Discussions onfuture research and possible implications of theproposed theoretical framework for practice wereprovided.Garko and Ahmad [11] proposed a system that

will help in identifying and verifying student dur-ing examinations with a view of minimizing ex-ams malpractice. The paper observed that theintroduction of fingerprint based exam verifica-tion system will help to easily identify studentsthat registered for a particular course and caneasily identify students that are eligible to enterthe exam hall. Prototyping software developmentmethodology was adopted in the paper. VisualBasic 6.0 was used to design the interfaces andMysql was used as the back-end. The output fromthe system showed that, the proposed frameworkismore secured, more efficient, and has better per-formancewhen comparedwith themanual systemof students’ verification.Joshy et al [12] focused on discussing a

multi-factor authentication scheme specificallydesigned for securing online examination serviceswithout compromising user friendliness. The ex-perimentation results clearly brought out the ap-plicability of the scheme in real time with fine-tuning of network related parameters.From the review of literature, the application of

the fingerprint biometrics with CBT in Nigerianhigher institutions has limited use. This study in-tends to narrow this gap. Therefore, this researchis developed to eliminate the need for a middle-ware as found in study [9]. This is achieved by in-troducing a Single Sign-On approach. Also, ourapproach is web-based such that the client sys-tems need no separate setup installation as iden-tified in Ref. [7]. The study proposed fingerprintauthentication against facial recognition of Ref.[6] because identical twins may pass facial au-thentication.3. METHODOLOGY3.1. Analysis of Existing SystemThis paper critically reviewed the authentica-

tion method of the existing computer-based test-ing system in Air Force Institute of Technology,Kaduna. The existing method of authenticatingexaminees is the use of login credentials only.One major drawback with the existing authenti-cation method is that two independent candidateswith the aim of impersonating one another can ex-change user login credentials successfully to en-gage in examination malpractice.3.2. Framework of the Proposed SystemThis study proposes additional authentication

methodwith the existing credential-basedmethodof accessing the CBT system as depicted in Fig. 1.

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

286 A. E. Evwiekpaefe and V. O. Eyinla

Figure 1: Framework of the Proposed System

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

Implementing Fingerprint Authentication in Computer-Based Tests 287

Figure 2: COM and OLE Diagram of the Proposed System

It implements fingerprint biometric authentica-tion as a means of identifying the examinees.3.3. Proposed System DesignThe methodology used in this study is

Component-based software engineering (CBSE).As seen in Fig. 2, the Component Object Model(COM) and Object Linking and Embedding (OLE)diagram, a call to the “requires” interface of thefingerprint device API (in this context – the BioAuth component) makes the API process therequest by capturing examinees fingerprint foreither enrollment or verification. It then returnsthe desired services via its “provides” interface tothe next component for further actions.3.4. Proposed System DevelopmentThis study used the Flexcode Software Develop-

ment Kit (SDK) to implement the fingerprint bio-metric authentication component of the system.FlexCode SDK provides advanced solution to re-trieve fingerprint data from DigitalPersona fin-gerprint device specifically 4500 model. The func-tions in FlexCode SDK are not too basic, the func-tions concept are instant, you simply call the func-tions required for registering and verify finger-prints then the SDK does the registration processand verification process [7]. The native develop-ment environment is PHP. The system was imple-mented on Apache XAMPP server using MySQLas the database.4. RESULTS AND DISCUSSION4.1. Fingerprint Biometric EnrollmentFigure 3 shows the process of registering stu-

dent’s fingerprint. The data is stored in thedatabase as a template.The template generated during enrollment is

used later for matching during verification pro-cess. A successful enrollment process is seen inFig. 4.

As shown in Fig. 4, enrolment process isskipped. Fingerprint data templates are down-loaded directly from JAMB and uploaded to theBio_Auth database. These templates are latervalidated again candidates fingerprint scanned.

4.2. Traditional Login (using credentials)The candidates login to the CBT system as seen

in Fig. 5 using their JAMB registration numberas username and a default password that will begiven to them. Usually, the JAMB registrationnumber is in the format of 8-digit numbers and2-alphabets e.g. 96811559AH.

4.3. Fingerprint Biometric VerificationTo identify a finger, after a successful login us-

ing credentials, the templates are used to com-pare the fingerprints scanned. Figure 6 shows theresult of a fingerprint match (red indicator for afailed fingerprint match and green indicator for asuccessful fingerprint match.)After a successful fingerprint verification, a suc-

cess message is displayed with a link to proceed tothe LMS/CBT application as seen in Fig. 7.Clicking on the “Proceed to LMS” link takes the

examinee to the CBT dashboard as seen in Fig. 8.This study implemented the option of Single Sign-On (SSO) method to pass the login parameters tothe LMS login component. The component pro-cesses the credential and redirects the examineeto the LMS dashboard if the credential is validor returns the examinee back to credential loginpage if invalid.Implementing fingerprint biometric authenti-

cation is dependent on some factors. The finger-print device available, the choice of programminglanguage of the CBT, available SDK and the bud-get for the project can influence the implementa-tion.

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

288 A. E. Evwiekpaefe and V. O. Eyinla

Figure 3: Fingerprint biometric enrollment process

Figure 4: Successful fingerprint enrollment

Table 1: Performance evaluation with related studies.

S/N Author Biometric Fingerprint Requires No middleware Web-based Remark1 [3] Yes Yes No Yes2 [4 No No Yes Yes3 [5] No No Yes Yes4 [6] Yes No Yes No5 [7] Yes Yes Yes No6 [8] Yes Yes No Yes7 [9] Yes Yes No No8 [10] Yes Yes Not specific Yes Not implemented9 [11] Yes Yes No No10 [12] Yes Yes Not specific Yes Not implemented11 This study Yes Yes Yes Yes

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

Implementing Fingerprint Authentication in Computer-Based Tests 289

Figure 5: Login page using username and password

Figure 6: Fingerprint verification

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

290 A. E. Evwiekpaefe and V. O. Eyinla

Figure 7: Success message with a link to access the CBT

Figure 8: CBT Dashboard

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.

Implementing Fingerprint Authentication in Computer-Based Tests 291

4.4. Performance Evaluation of the StudyCompared with Extant Literatures

A review of performance indices of related stud-ies was done in comparison with the outcome ofthis research as found in Table 1.The table above identifies the flexibility of im-

plementation across the various related litera-tures. The result shows that this study takes intoconsideration the limitations of most of the worksalready done and improved on them to ensure bet-ter performance.

5. CONCLUSION

This paper understudied the existing CBT sys-tem in AFIT, Kaduna and discovered that the cur-rent method of authenticating examinees may af-fect the acceptability and authenticity of the re-sults from the system. An authentication methodusing fingerprint biometric was proposed. Thefingerprint biometric authentication system wasdeveloped using FlexCode SDK and it was im-plemented on DigitalPersona 4500 fingerprintreader. The CBT system was developed usingPHP scripting language and the implementationwas done on XAMPP local server and MySQL wasdatabase system used. The result improved thelevel of authentication and access to the CBT inAFIT.

References[1] C. Okoronkwo. (2019, December) Appraising

JAMB’s Computer-Based Test. [Online]. Avail-able: https://guardian.ng/news/features-appraising-jambs-computer-based-test/

[2] A. Boevé, R. Meijer, C. Albers, Y. Beetsma, andR. Bosker, “Introducing computer-based testing in high-stakes exams in higher education: Results of a field ex-periment,” PLOS ONE, vol. 10, no. 12, pp. 1–13, 2015.

[3] M. Ibrahim, A. Othman, O. Adewale, and B. Balo-gun, “Design of a fingerprint biometric authenticationtechnique for electronic examination,” InternationalJournal of Computer Science and Telecommunications,vol. 8, no. 2, pp. 8–15, 2017.

[4] M. Ajinaja, “The design and implementation of a com-puter based testing system using component-basedsoftware engineering,” International Journal of Com-puter Science and Technology, vol. 8, no. 1, pp. 58–65,2017.

[5] Y. Khlifi and H. El-Sabagh, “A novel authenticationscheme for e-assessments based on student behav-ior over e-learning platform,” International Journal ofEmerging Technologies in Learning, vol. 12, no. 4, pp.62–89, 2017.

[6] M. Alarape and M. Saheed, “Enhancing computer-based assessment security using biometric facial data,”Circulation in Computer Science, vol. 2, no. 4, pp. 22–26, 2017.

[7] O. Omorogiuwa and F. Nwukor, “Design and implemen-tation of a computer based test centre using biometricfor authentication,” American Journal of Advanced Re-search, vol. 1, no. 1, pp. 13–18, 2017.

[8] M. Ibrahim, A. Othman, B. Balogun, U. Musa, andC. Ujah, “Development of a fingerprint biometric au-thentication scheme in electronic examination,” Inter-national Research Journal of Advanced Engineeringand Science, vol. 2, no. 1, pp. 177–185, 2017.

[9] C. Gil, G. Diaz, and M. Castro, “Fingerprint identifi-cation in LMS and its empirical analysis of engineerstudents’ views,” in IEEE EDUCON 2010 Conference,,Madrid, Spain, April 2010, pp. 1729–1736.

[10] T. Ramu and T. Arivoli, “A Framework of Secure Bio-metric Based Online Exam Authentication: An Alter-native to Traditional Exam,” International Journal ofScientific&Engineering Research, vol. 4, no. 11, pp. 52–60, 2013.

[11] A. Garko and A. Ahmad, “Design andModeling of a Stu-dent Verification System in an Examination in Nige-ria using Biometric Fingerprint Technology,” Interna-tional Journal of Advanced Academic Research: Sci-ences, Technology & Engineering, vol. 3, no. 7, pp. 1–16,2017.

[12] N. Joshy, G. Kumar, P. Mukhilan, M. Prasad, T. Ra-masamy, and N. Harini, “Multi-factor authenticationscheme for online examination,” International Journalof Pure and Applied Mathematics, vol. 119, no. 15, pp.1705–1712, 2018.

Nigerian Journal of Technology (NIJOTECH) Vol. 40, No. 2, March 2021.