FB pixel

Protection from biometric spoof attacks requires emerging technologies and standards adherence

Opening keynote at eu-LISA Industry Roundtable highlights security challenges
Protection from biometric spoof attacks requires emerging technologies and standards adherence
 

Advanced biometric technologies and standards are necessary to build adequate presentation attack detection (PAD) into border control systems, Norwegian Biometrics Lab (NBL) Chair Dr. Christoph Busch told an audience during day one of the eu-LISA Industry Roundtable.

Busch is also principal investigator at the German National Center for Applied Cybersecurity (ATHENE) and a co-founder of the European Association for Biometrics (EAB).

The three main points in biometric systems for targeted attacks, according to Busch, are the capture device, which is potentially vulnerable to presentation attacks, the network transmitting the data, which could be protected by cryptography and face morph detection, and the database, in which biometric templates must be protected.

The talk outlined different types of presentation attacks than can be carried out in non-supervised data capture situations, such as at kiosks, as well as face morphing enrollment attacks and face sample quality as the three main potential presentation attack vulnerabilities of the eu-LISA system.

Presentation attacks can take the form of imposter attacks for positive access, and concealment to induce a false negative match in a 1:N check against a watchlist.

For fingerprint and face biometric spoofing, there are technologies and standards in development that could help ward off both attack types.

Fingerprint capture devices with optical coherence tomography (OCT) could be used to observe live skin properties and sweat glands, while laser speckle contrast imaging (LSCI) could be used to detect blood flow. Fingerprint algorithms with singular point density analysis can pick up the noisy friction ridge areas that can indicate an altered print.

For facial recognition, short wave infrared range (SWIR) imaging holds promise for detecting skin, while makeup-based attacks present a unique challenge due to the use of makeup for non-spoofing purposes by many people. For morphing attack detection, single-image and differential attack detection methods are considered.

Questions also remain about how image quality may affect eu-LISA’s biometric systems, and face image quality was the topic of EAB Research Projects Conference Chair Javier Galbally’s keynote on day two.

Standardized testing metrics for PAD technologies were discussed, including ISO/IEC 29794-1, 29794-4 and 29794-5, which relate to image quality, ISO/IEC 24358 for face-aware capture devices, and other standards for logical data structure. Busch explained the ISO/IEC 30107-3 PAD standard, including the need to keep both attack presentation classification error rate (APCER) and bona fide presentation classification error rate (BPCER) low, and how the imposter attack presentation match rate (IAMPR) applies to full system evaluations.

The EAB and industry stakeholder are also continuing to develop fraud-prevention methods through research projects like the TReSPAsS ETN on secure and privacy preserving biometrics and the iMARS face morph attack detection initiative.

Further presenters during day one of the eu-LISA Industry Roundtable included representatives of Idemia, IN Groupe, Gatekeeper Security Inc, secunet and Vision-Box. Sessions on days two and three of the event are focusing on ensuring consistent data quality and the interoperability and accessibility of data.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

UK digital age assurance receives support from stakeholders: Reports

UK’s attempts to legalize digital age assurance technology are likely to be successful, according to media reports. In January, the…

 

Ghana unveils biometric border management system, e-gates at main airport

Ghana has upgraded its border management capabilities with the introduction of a biometric-based system to facilitate immigration controls. The launch…

 

Tender for fingerprint scanners from Ukraine cites Thales, Dermalog

Ukraine’s Ministry of Foreign Affairs has issued a Request for Quotation (RFQ) for biometric fingerprint scanners. Tender 4200772976 calls for…

 

Cyprus launches Digital Citizen mobile digital ID app

Citizens of Cyprus can now go digital, with the launch of the country’s mobile digital services app, Digital Citizen. The…

 

Shanghai cracks down on facial recognition use by businesses

City authorities in China are seeing the first results of its crackdown on the misuse of facial recognition systems by…

 

Accelerate digital ID, review verification trust framework often to fight fraud: report

In the twentieth century, a phone call most often meant family or friends reaching out to catch up or share…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events