Vote begins on biometric injection attack standard

CLR Labs Director explains the detail and stakes in EAB presentation

Europe’s standard for biometric data injection attacks is on track to be published in October of this year, and could have a significant impact on the fraud landscape both on the continent and around the world.

CLR Labs Director Kévin Carta presented the problem and the progress towards the finalization of the prTS 18099 standard to EAB members in the Association’s latest Lunch Talk.

The prTS 18099 standard addresses the injection of biometric data between the data capture and signal processing components of a biometric system used for remote identity proofing. While typically thought of as an attack on face biometrics systems, injection attacks, and therefore the standard, apply to other modalities as well.

Carta gave an overview of the workflow for remote identity proofing and the different types of fraud attacks against it.

State-of-the-art liveness detection systems can easily tell when a digital attack is presented with a screen, Carta explained, which motivates attackers to bypass the data capture stage where liveness detection is performed.

While injection attacks may not have been very familiar to many in the field of biometrics just a few years ago, they are a natural solution for attackers, Carta notes, since they are long-established as a cybersecurity threat more generally. SQL injections, script injections (XSS) and other injection attacks have been plaguing the internet for years.

In formulating the standard for biometric injection attack detection, CEN CENELEC TC 224 WG 18 defined the methods, instruments, and applications or systems targeted by video injections.

Defining a growing problem

The characteristics of video capture include standards and protocols, like UVC for PCs and Camera Serial Interface 2 for mobile devices, as well as image stream characteristics like transmission mode, encoding and resolution, and video control characteristics.

Methods of injection attacks include modified or false cameras, like software or hardware virtual cameras which are seen by the system as real cameras, external video camera cards or mobile device emulators. They also include the replacement of images captured by a real camera, such as with function hooking or man-in-the-middle attacks.

These methods vary widely in terms of the equipment and expertise required. Carta recounts how CyberArk was able to bypass Windows Hello with an evaluation board simulating a webcam, and how cybercriminals in China used a similar method to bypass a Chinese government remote identity proofing system to steal $70 million, which was only spotted two years after the fact.

Interception and replacement attacks are typically more difficult to carry out than camera replacement attacks, Carta says, but can fool the verifier into reading the spoof data as coming from the real camera.

Instruments used can be raw but stolen data, modified or altered data, or synthetic data.

Injection attack detection (IAD) is divided into defense against the attack method and defense against the attack instrument. Examples of the former include camera anti-tampering mechanisms, session metadata analysis (explained by ID R&D President Alexey Khitrov in a recent Biometric Update webinar on injection attack prevention), code obfuscation, runtime application self-protection and mobile device emulator detection.

Defenses against attack instruments include detection of replay attacks or automated artefacts, and procedural controls like introducing randomness or manual inspection.

In general, Carta says, demanding video input rather than a still image raises the bar of difficulty for injection attacks, as it gives verifiers more data to work with.
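As an added illustration of the session metadata analysis listed among the defenses against the attack method (example code, not from the presentation or from prTS 18099), the check below flags a capture session whose reported camera properties look like a virtual camera or a replayed stream rather than a physical sensor. The field names, the virtual-camera label list and the jitter threshold are assumptions chosen for the example.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple
import statistics

# Labels commonly used by virtual camera software (assumption; extend from
# the deployment's own observations, and treat matches as a signal, not proof).
VIRTUAL_CAMERA_MARKERS = ("virtual", "obs", "manycam", "snap camera")

# Frame-timing jitter below this (milliseconds) is treated as suspicious:
# physical sensors show some timing noise, a file replayed through a virtual
# camera often does not (heuristic assumption, tune on real capture data).
MIN_EXPECTED_JITTER_MS = 0.05


@dataclass
class CaptureSession:
    """Metadata a remote identity-proofing client reports about its camera."""
    device_label: str                          # name exposed by the camera driver
    usb_vid_pid: Optional[str]                 # UVC vendor:product id, None if absent
    resolution: Tuple[int, int]                # resolution of the stream actually sent
    advertised_resolutions: List[Tuple[int, int]]  # modes the device enumerated
    frame_intervals_ms: List[float]            # time between consecutive frames


def check_session(session: CaptureSession) -> List[str]:
    """Return a list of findings; an empty list means no inconsistency was seen."""
    findings = []
    label = session.device_label.lower()
    if any(marker in label for marker in VIRTUAL_CAMERA_MARKERS):
        findings.append("virtual-camera-label")
    # A UVC device without a hardware id is consistent with a software camera.
    if session.usb_vid_pid is None:
        findings.append("no-hardware-id")
    # The stream should use one of the modes the device itself enumerated.
    if session.resolution not in session.advertised_resolutions:
        findings.append("resolution-not-advertised")
    if len(session.frame_intervals_ms) >= 10:
        jitter = statistics.pstdev(session.frame_intervals_ms)
        if jitter < MIN_EXPECTED_JITTER_MS:
            findings.append("no-frame-timing-jitter")
    return findings


# Constructed sample sessions for demonstration.
PHYSICAL = CaptureSession("Integrated Webcam", "0c45:6366", (1280, 720),
                          [(640, 480), (1280, 720)],
                          [33.1, 33.6, 33.2, 33.9, 33.0, 33.5, 33.3, 33.8, 33.2, 33.4, 33.6, 33.1])
SUSPECT = CaptureSession("OBS Virtual Camera", None, (1920, 1080),
                         [(1280, 720)], [33.3] * 12)
```

In practice such findings would feed a risk score alongside liveness results rather than reject a session outright, since a legitimate user may run screen-sharing software that registers a virtual device.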

Standard urgently needed

Carta reviewed the regulatory and fraud cost context, as well as French cybersecurity agency ANSSI’s PVID referential for certification, which requires penetration testing that includes injection attacks. This scheme has already certified five solutions, Carta says, indicating early success.

Standardization is needed, however, in part to prepare for the enrollment phase of the EU Digital Identity Wallet rollouts. Further, there are already several projects underway in Europe that deal with injection attacks, like ANSSI’s PVID and ETSI’s TS 119 461, and these need to be harmonized.

The standard currently in development defines the above terms, and can be applied beyond face biometrics to iris, voice and contactless fingerprint recognition. A test methodology is provided, and sets three different levels of attack, aligning with the EU Cybersecurity Act.

Sensitive systems can be jeopardized by injection attacks, and Carta argues that harmonization between test labs is important to protect them.

Editing for the standard has been completed, and a three-month approval vote begins Thursday. If approved, the standard would be added to the ETSI TS 119 461 revision a month after the vote closes, and could be referenced in the implementing acts for the EUDI Wallet.
