Another idea for biometric authentication – and two threats
A U.S. researcher says he has written an algorithm that uses hand and behavioral biometrics to authenticate identities. The presumed advance is intended to address increasing vulnerabilities seen in two steps back for biometric security.
The researcher, Chen Wang at Louisiana State University, wanted to make devices more secure without biometrics scanning, aspects of which are increasingly easy to attack. His answer, according to LSU, is to make a hand into a kind of sounding board.
A service wanting to authenticate someone on a phone would transmit to the person largely inaudible ultrasound in narrow frequencies between 17 and 22 kHz. The sounds would make the phone vibrate in a person’s hand.
And, critically, the sound would be absorbed and reflected by the person’s hand.
Everyone’s hands are unique – different gripping actions and strength (a behavioral biometric), finger lengths and widths and palm size. All of these vibrations from multiple sources would be a new kind of biometric scan, picked up by the phone’s mic and relayed to the authentication service for analysis.
As if to underline the fact that new and more-sophisticated identity protections are needed, Aukland (New Zealand) University researchers used a $40,000 (US$24,7562) lidar scanner and a 3D printer in a simulated presentation attack.
According to TVNZ, a state-owned commercial news broadcaster, the researchers had mixed success creating ruddy-hued doppelgängers.
And then there are the voice attackers. People are using voice algorithms to scam people out of money over the phone. Fraudsters try to convince people that a friend or relative needs cash as soon as possible.
Reporting by The Washington Post illustrates how deepfake voices are tricking people out tens of thousands of dollars and how governments do not yet have a firm handle on how to deal with the crimes.