Course Title: Smartcards and Biometrics for Cyber Security

Part A: Course Overview

Course Title: Smartcards and Biometrics for Cyber Security

Credit Points: 12.00

Important Information:

Please note that this course may have compulsory in-person attendance requirement for some teaching activities. If a course has compulsory in-person attendance for some teaching activities or assessment, you will need to comply with your local state/national vaccination mandate/rules/guidelines for on-campus attendance and assessment that apply when the course starts and throughout the duration of the entire course. The applicable vaccine mandate may require you to have COVID vaccinations or an approved medical vaccination exemption to attend RMIT in-person activities. Please also read this RMIT Enrolment Procedure as it relates to vaccination and your study at RMIT:

Please check your Canvas course shell to see if this course requires mandatory in-person attendance closer to when the course starts, as the situation might change quickly due to changes in your local state/national directive regarding in-person course attendance.


Course Code




Learning Mode

Teaching Period(s)


City Campus


145H Mathematical & Geospatial Sciences


Sem 2 2006,
Sem 2 2007,
Sem 2 2008,
Sem 1 2010,
Sem 2 2011,
Sem 1 2013,
Sem 1 2016


City Campus


171H School of Science


Sem 2 2017,
Sem 1 2019,
Sem 2 2020

Course Coordinator: Dr Arathi Arakala

Course Coordinator Phone: +61 3 9925 2279

Course Coordinator Email:

Course Coordinator Location: 15.3.7

Course Coordinator Availability: by appointment, by email

Pre-requisite Courses and Assumed Knowledge and Capabilities

Pre-requisites: INTE1120 Introduction to Information Security and INTE1122 Case Studies in Information Security
Co-requisites: INTE1125 Cryptography and Security

Course Description

This course extends the broad overview of information security presented in the prerequisite courses and introduces a rigorous and practical study of authentication systems that use multi factor authentication. 

Passwords alone have been proven to be ineffective over the last five years and additional factors are necessary to complement the authentication process. We will study the mechanisms behind token-based authentication like smartcards (something you have) and biometric authentication (something you are).  

We will study the basic structure of token-based authentication systems. We will then dive into the cryptographic primitives that keep token-based systems secure and analyse the security of these primitives. We will study side-channel attacks on hardware tokens, that focus on the implementation of the system rather than the cryptosystem itself. 

This course introduces the architecture of a biometric authentication system. We will study a variety of biometric modalities like fingerprint, face, and iris. In addition, we investigate combinations of modalities and their applications in a variety of settings to meet security and accuracy needs. We will also look at attacks on biometric systems and techniques to prevent and mitigate them. 

This course includes a Work Integrated Learning (WIL) component in which your knowledge and skills will be applied and assessed in a real or simulated workplace context and where feedback from industry and/or community is integral to your experience. Your WIL activities involve simulations using industry standard technology and case studies on real world implementations of these systems.  

Objectives/Learning Outcomes/Capability Development

On completion of this course you should be able to: 

CLO1: Apply cryptographic constructs and industry standard frameworks to develop solutions for multi factor authentication systems. 

CLO2: Identify the vulnerabilities and inspect the security of cryptographic protocols and structures used in multi factor authentication systems  

CLO3: Implement cryptographic algorithms and multi factor authentication models using industry standard software and scripting languages. 

CLO4: Demonstrate ability to research beyond the course material and explain complex cryptographic and technical ideas in clear, professional English in a range of forms (written, oral, electronic, graphic). 

CLO5: Apply project management practices including managing team dynamics to complete a project.  

CLO6: Discuss the role of ethics in protecting security and privacy through multi factor authentication. 

The course aligns with the following Program Learning Outcomes (PLOs) of MC159 

PLO 1: International Orientation and Strategic Thinking - 

           Demonstrate a strategic and practical overview of complex issues in cyber security.

PLO 2: Critical Analysis and Problem Solving -  

           Evaluate cyber security risks across diverse service settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services; Undertake professional careers or postgraduate research in cyber security or other IT related fields, acquiring the required information needed to identify real world solutions to real world cyber security problems. 

PLO 3: Communication - 

           Communicate effectively both technical and non-technical material in a range of forms (written, electronic, graphic, oral) and to tailor the style and means of communication to different audiences. 

PLO 4: Ethical Values - 

           Demonstrate an advanced ability to appreciate the ethical considerations that inform judgments and decision making in academic and professional settings 

PLO 5: Self-Management, Teamwork and Leadership - 

           Work autonomously and effectively within and potentially as a leader of an interdisciplinary team. 

Overview of Learning Activities

A variety of planned student learning experiences will accommodate the learning outcomes envisaged for this course. This includes individual and group activities and laboratory-based learning experiences. 

A presentation format will provide an overview of the specified study area and direct you to foundational, analytical, and evidence-based readings about cryptographic primitives and systems used in multi factor authentication systems. Facilitated open discussions will draw on your capacity to solve problems, to think critically and analytically and reflect on your own relevant work and life experiences. Your capacity to solve problems and to think critically and analytically will also be addressed through problems presented in lectures, tutorials and facilitated seminars. 

Individual and group activities, such as in-semester assessments, will provide you with on-going feedback on your progress. In-semester assessments may take the form of problem-based assignments, timed assessments and/or programming/software-based solutions.  Written and Oral presentation of work may also form part of the assessment. The assessments will reinforce the material covered in lectures and in your personal study.  

An end-of-semester assessment that will test your comprehension of the subject material and your ability to apply this understanding to real world problems will complement your learning.  

You will be expected to understand the plagiarism policy enforced at RMIT and practice academic integrity. 

Overview of Learning Resources

You will be expected to expand on the subject matter provided as pre-recorded videos and lecture notes. This will take the form of accessing various external and internal resources, such as the library and the Internet. References to books, including text and reference books will be provided in class. 

You will also be given resources to start using a programming language tool to deepen understanding of the mathematics learnt in this course. 

The Internet will be the most important source for academic, technical and white papers and you will be required to use this as a learning resource on a regular basis. In addition, your classmates and tutor/lecturer are also important learning resources as will be demonstrated in facilitated discussions. 

Canvas: This course is supported online using Canvas, which gives access to important announcements, a discussion forum, staff contact details, the teaching schedule, assessment timelines. You are advised to read your student EMS e-mail daily for important announcements. You should also visit the course Canvas site at least once a day where you will find important announcements regarding the course and all key documents. 

Overview of Assessment

This course has no hurdle requirements.

Assessment Tasks:

Assessment 1: Software-based practical assessment  
Weighting 30% 
This assessment supports CLOs 1, 3, 4, 5 

Assessment 2: Problem based online timed tests
Weighting: 40%
This assessment supports CLOs 1, 2, 4

Assessment 3: Case study-based group project
Weighting: 30%
This assessment supports CLOs 1, 4, 5, 6