FB pixel

Protection from biometric spoof attacks requires emerging technologies and standards adherence

Opening keynote at eu-LISA Industry Roundtable highlights security challenges
Protection from biometric spoof attacks requires emerging technologies and standards adherence
 

Advanced biometric technologies and standards are necessary to build adequate presentation attack detection (PAD) into border control systems, Norwegian Biometrics Lab (NBL) Chair Dr. Christoph Busch told an audience during day one of the eu-LISA Industry Roundtable.

Busch is also principal investigator at the German National Center for Applied Cybersecurity (ATHENE) and a co-founder of the European Association for Biometrics (EAB).

The three main points in biometric systems for targeted attacks, according to Busch, are the capture device, which is potentially vulnerable to presentation attacks, the network transmitting the data, which could be protected by cryptography and face morph detection, and the database, in which biometric templates must be protected.

The talk outlined different types of presentation attacks than can be carried out in non-supervised data capture situations, such as at kiosks, as well as face morphing enrollment attacks and face sample quality as the three main potential presentation attack vulnerabilities of the eu-LISA system.

Presentation attacks can take the form of imposter attacks for positive access, and concealment to induce a false negative match in a 1:N check against a watchlist.

For fingerprint and face biometric spoofing, there are technologies and standards in development that could help ward off both attack types.

Fingerprint capture devices with optical coherence tomography (OCT) could be used to observe live skin properties and sweat glands, while laser speckle contrast imaging (LSCI) could be used to detect blood flow. Fingerprint algorithms with singular point density analysis can pick up the noisy friction ridge areas that can indicate an altered print.

For facial recognition, short wave infrared range (SWIR) imaging holds promise for detecting skin, while makeup-based attacks present a unique challenge due to the use of makeup for non-spoofing purposes by many people. For morphing attack detection, single-image and differential attack detection methods are considered.

Questions also remain about how image quality may affect eu-LISA’s biometric systems, and face image quality was the topic of EAB Research Projects Conference Chair Javier Galbally’s keynote on day two.

Standardized testing metrics for PAD technologies were discussed, including ISO/IEC 29794-1, 29794-4 and 29794-5, which relate to image quality, ISO/IEC 24358 for face-aware capture devices, and other standards for logical data structure. Busch explained the ISO/IEC 30107-3 PAD standard, including the need to keep both attack presentation classification error rate (APCER) and bona fide presentation classification error rate (BPCER) low, and how the imposter attack presentation match rate (IAMPR) applies to full system evaluations.

The EAB and industry stakeholder are also continuing to develop fraud-prevention methods through research projects like the TReSPAsS ETN on secure and privacy preserving biometrics and the iMARS face morph attack detection initiative.

Further presenters during day one of the eu-LISA Industry Roundtable included representatives of Idemia, IN Groupe, Gatekeeper Security Inc, secunet and Vision-Box. Sessions on days two and three of the event are focusing on ensuring consistent data quality and the interoperability and accessibility of data.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Age assurance shouldn’t lead to harvesting of kids’ data: Irish privacy watchdog

Age assurance requirements for pornography sites and platforms hosting extremely violent content will become mandatory in Ireland this July. Media…

 

Idemia reveals Armenia JV details, Saudi Arabia MoU, WVU biometrics research lab

Idemia is busily establishing new partnerships to develop biometrics for national projects, from Armenia to Saudi Arabia, and to further…

 

EU SafeTravellers project works to secure biometric digital travel credentials

Idemia Public Security, iProov, Vision-Box and Ubiquitous Technologies Company (Ubitech) are part of a European Union-funded project to introduce traveler…

 

World puzzled by lack of public trust in massive technology corporations

Sam Altman and Alex Blania, figureheads and evangelists for cryptically related firms World and Tools for Humanity, recently spoke at…

 

Milwaukee police debate trading biometric data for Biometrica facial recognition

Although it has pledged to seek public consultation before signing a contract with a biometrics provider, the Milwaukee Police Department…

 

Italian regulator holds out hopes to collect fine from Clearview AI

Italy data protection regulator, the Garante, has not given up on collecting the millions of euros in fines it imposed…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events