Thales recounts real-life biometric spoof to highlight liveness detection importance
In the article, Luca Francese, Biometric Devices marketing manager at Thales, first narrates the recent events involving an industrial worker in Spain who used his severed finger to unlock a Samsung Galaxy phone.
Francese then draws attention to biometric spoofing attacks, particularly those targeting finger readers, and explains how consumer-grade devices currently do not include signs-of-life detectors.
This, in turn, makes them potentially vulnerable to spoofing attacks using silicone or gelatin finger molds.
Presentation Attack Detection (PAD) is therefore particularly important in assessing the efficacy of biometric systems today.
“As companies and organizations across the world search for the most secure method of authentication and identification, biometrics has quickly become one of the premier methods of ensuring these two principles,” Francese writes.
“Failure to prevent fingerprint spoofing attacks may have serious consequences not just for individuals but on a wider scale.”
To this end, Thales has developed its Cogent Single Finger Scanner, powered by artificial intelligence and using infrared light detection to counter spoofing attacks via skin distortion analysis, blood flow detection, and active sweat pore detection.
The scanner has also been independently verified to ISO/ IEC 30107-3 standard and Thales says it is the first in the world to receive the iBeta PAD level 2 certification.
In addition, Thales’ technology has also achieved an Attack Presentation Classification Error Rate (APCER) of 0 percent.
“Unfortunately, there isn’t a magic formula to combat fingerprint spoof attacks at the moment, but the real solution lies in combining the right number of different features,” Francese concludes.
“In a marketplace that features an abundance of solutions, your best bet would be choosing a solution that meets the ISO Presentation Attack Detection benchmark.”
Thales’ recent article about PAD builds on a previous one the company published in December 2020, which explained different biometric spoof attacks and liveness detection techniques in relation to both facial recognition and fingerprint systems.