Novetta VP appointed to ISO editor position

Novetta vice president of special projects, Michael Thieme, has been appointed editor of ISO/IEC 30107-4, a performance testing standard related to biometric presentation attack detection. This performance testing standard will address spoofing and presentation attacks against mobile devices such as iPhones and Android smartphones. “This appointment further solidifies Novetta’s role as a thought leader in emerging biometric and identity-related technologies,” said Tiffanny Gates, Novetta president and chief executive officer. “We look forward to supporting this important and challenging work.” According

Researchers find smartphone fingerprint sensors potentially vulnerable to “MasterPrints”

Smartphone fingerprint sensors could be fooled up to 65 percent of the time by “MasterPrints” digitally composed from common fingerprint features, according to findings published Monday by researchers at New York University and Michigan State University. In the report MasterPrint: Exploring the Vulnerability of Partial Fingerprint-based Authentication Systems, the researchers warn that partial fingerprint-based authentication systems are potentially vulnerable to compromise, particularly when multiple impressions of each finger are enrolled. Enrolling multiple impressions is often required by devices to ensure

Crossmatch wins $5.8M IARPA contract

Crossmatch has been awarded a $5.8 million contract to develop next-generation presentation attack detection (PAD) technologies for the Intelligence Advanced Research Projects Activity (IARPA) Thor program. “Innovation has been a driving force within Crossmatch from the onset and IARPA’s Thor program will allow us to innovate and develop new technologies and solutions that surpass existing PAD systems,” said Crossmatch SVP-CTO Bill McClurg. “These solutions will drive new commercial opportunities and market demand, and Crossmatch is excited to have this opportunity

Biometrics in security: protecting sensitive PII and the sanctity of user identity

This is a guest post by David D. Dunlap, Co-Founder and Senior VP of Corporate Planning, StoneLock Our personal identity is our single greatest asset – after all, how can one function in the world without an identity? However, the use of technology to assign identities warrants the need to balance out the requirements for security with the vital necessity of protecting individual privacy. The use of biometrics has been the subject of serious debate in the Security Industry for

iBeta wraps up spoofing and liveness testing project

iBeta Quality Assurance, a full-service biometrics, software quality, security, and performance testing lab, recently completed a successful project for a mid-sized bank to evaluate the False Accept Rate (FAR), False Reject Rate (FRR), and Spoof False Accept Rate (SFAR) of several biometric subsystem vendors’ products across multiple modalities. “Spoofing and liveness testing is an increasingly important part of any thorough evaluation of biometric technology as black hats look for new ways around improved biometrics-based security,” said Dr. Kevin Wilson, Director

IARPA launching two programs aimed at making fingerprints more reliable biometrics

Intelligence Advanced Research Projects Activity (IARPA), the intelligence community’s research arm, will soon launch two programs designed to detect fake fingerprints and develop devices to collect fingerprint data without the aid of a human operator, according to a report by GCN. The Odin program, which is scheduled to begin with four prime developers in early March, will develop detection technologies that can spot presentation attacks on biometric devices that attempt to spoof physical biometric samples, said Chris Boehnen, senior program

CMU researchers develop glasses that dupe facial recognition

Researchers from Carnegie Mellon University have developed a special pair of eyeglass frames in which it can enable commercial-grade facial recognition software to identify the wrong individual with up to 100% success rate, according to a report by In a research paper presented at a security conference last week, CMU researchers demonstrated how they could dupe AI facial recognition systems into misidentifying faces. In other words, the glasses were able to make an individual who is captured on camera

Facebook photos could be used to dupe facial recognition

In a presentation delivered at the Usenix security conference earlier this month, security and computer vision researchers from the University of North Carolina said that would-be criminals could exploit Facebook images to dupe certain facial recognition technology, according to a report in Yahoo Tech. In its research, the UNC researchers collected photos of 20 volunteers from various websites including Facebook, LinkedIn, and others. Using these images, they generated 3D models of each person’s face, added facial animations, and edited their

U.S. intelligence community seeks to detect biometric spoofing

In an effort to strengthen its proposed biometric screening system, known as Tactical High-Threat Operational Response (THOR), the Intelligence Advanced Research Projects Activity (IARPA), an operation of the Office of the Director of National Intelligence, has issued a request for proposals to develop security enhancements. The IARPA is seeking to develop technologies that detect when someone is attempting to disguise their biometric identity, or “spoof”, in order to circumvent its biometric security systems. The proposed approaches that the department is

Researchers at MSU spoof a fingerprint protected smartphone using an inkjet printer

Michigan State (MSU) researchers, Anil Jain and Kai Cao, have discovered an inexpensive and quick method to unlock a mobile phone protected by fingerprint biometrics using an off-the-shelf printer and special photo paper. The process can be done in under 15 minutes and uses a normal Brother brand inkjet printer and conductive silver ink and a type of photo paper which are both available from a Japanese manufacturer called AgIC. The researchers detailed the process in a technical report and