FB pixel

Biometrics Institute offers biometric attack detection and liveness guidance

Biometrics Institute offers biometric attack detection and liveness guidance
 

The Biometrics Institute has released a best practices document outlining presentation attack detection (PAD) and liveness in spoofing attacks. The independent organization looked into potential questions and guidelines for users to bear in mind when choosing a biometric product, but also came up with risk mitigation recommendations to contain an incident.

“Spoofing attacks pose a high security risk for those involved with biometric technology operations, so mitigating the risk and understanding presentation attack detection better is a priority for our members and stakeholders,” explains Isabelle Moeller, the Biometrics Institute’s chief executive.

The guidance document explains that cybercriminals can steal biometric data to create spoofs or fakes. Hackers can then use a printed photo, an image or video of someone on a tablet, or even a 3D mask or fake silicone fingerprint for large-scale attacks on biometric systems. This type of attack is known as a presentation attack.

Liveness detection, on the other hand, is a subset of PAD, determining whether the sensor is capturing a live biometric.

PAD testing is increasingly popular for biometric companies to demonstrate the security of their offerings, with several recently undergoing testing by iBeta.The report is the result of a joint partnership between the Biometrics Institute Security and Integrity Expert Group (BSIEG), and is based on feedback from a wide-ranging group of security and authentication experts.

Ted Dunstone, head of the BSIEG says, “When it comes to good practice in biometrics, testing for vulnerabilities and accuracy, alongside privacy and IT security, are key areas for review. Seriously considering the risk of a presentation attack and devising appropriate countermeasures is highly recommended.”

Biometrics Institute is an international promoter of the responsible and ethical use of biometrics and has repeatedly warned law enforcement about biometrics misuse if good practices are not followed. Earlier this year, the organization launched updated Privacy Guidelines to include GDPR and AI developments and received endorsement from Yoti for its seven ethical principles for biometrics.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

UK gov’t introduces new digital identity verification services bill

The UK government has announced a coming identity verification services bill that will support digital ID products and services from…

 

EES launch postponed to November, EU’s biometric border app may still not be ready

A smartphone app designed to streamline queues for the EU’s upcoming border checks will not be available in time for…

 

US government transitions Veteran’s Affairs, IRS to Login.gov or ID.me

The U.S. Department of Veterans Affairs (VA) says it will implement a more streamlined login process for veterans to access…

 

Data breach raises questions about Fractal ID’s decentralized identity architecture

A data breach at decentralized digital identity verification provider Fractal ID has exposed the ID documents and facial images of…

 

Physical IDs no longer mandatory in Azerbaijan, where 65% use digital identity

Physical and digital IDs have reached parity in Azerbaijan, where the government has announced that identity information provided through the…

 

Recfaces argues biometric data privacy rule carries Olympics security risk

RecFaces is calling for facial recognition technology (FRT) to be used as a key security measure to protect critical infrastructure…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events