Date post: | 18-Dec-2015 |
Category: |
Documents |
Upload: | corey-grace-may |
View: | 221 times |
Download: | 1 times |
SECURITY INNOVATION ©20032
1.1. IntroductionIntroduction
2.2. Biometric identifiersBiometric identifiers
3.3. Classification of biometrics methodsClassification of biometrics methods
4.4. Biometric system architectureBiometric system architecture
5.5. Performance evaluationPerformance evaluation
Contents Biometric Contents Biometric SystemsSystems
SECURITY INNOVATION ©20033
6.6. Signature recognitionSignature recognition
7.7. Voice recognitionVoice recognition
8.8. Retinal scanRetinal scan
9.9. Iris scanIris scan
10.10. Face-scan and facial thermographFace-scan and facial thermograph
11.11. Hand geometryHand geometry
Contents Biometric Contents Biometric SystemsSystems
SECURITY INNOVATION ©20034
Association of an individual with an Association of an individual with an identity:identity:
• Verification (or authentication): confirms or Verification (or authentication): confirms or denies a claimed identity.denies a claimed identity.
• Identification (or recognition): establishes the Identification (or recognition): establishes the identity of a subject (usually from a set of identity of a subject (usually from a set of enrolled persons). enrolled persons).
Personal IdentificationPersonal Identification
SECURITY INNOVATION ©20035
• Token-based: Token-based: “something that “something that you have”you have”
• Knowledge-based: Knowledge-based: “something that “something that you know”you know”
• Biometrics-based: Biometrics-based: “something that “something that you are”you are”
Personal Identification Personal Identification ObjectsObjects
SECURITY INNOVATION ©20036
• Bio + metrics:Bio + metrics:– The statistical measurement of The statistical measurement of
biological data.biological data.
• Biometric Consortium definition:Biometric Consortium definition:– Automatically recognizing a person Automatically recognizing a person
using distinguishing traits.using distinguishing traits.
BiometricsBiometrics
SECURITY INNOVATION ©20037
• Access controlAccess control– to devices to devices
• cellular phonescellular phones• logging into a computer, laptop, or PDAlogging into a computer, laptop, or PDA• carscars• gunsguns
– to local servicesto local services• money from a ATM machine money from a ATM machine • logging in to computerlogging in to computer• accessing data on smartcard accessing data on smartcard
– to remote servicesto remote services • e-commercee-commerce• e-businesse-business
Application Domains (I)Application Domains (I)
SECURITY INNOVATION ©20038
Application Domains (II)Application Domains (II)
• Physical access control Physical access control – to high security areasto high security areas– to public buildings or areasto public buildings or areas
• Time & attendance controlTime & attendance control• IdentificationIdentification
– forensic person investigationforensic person investigation– social services applications, e.g. immigration social services applications, e.g. immigration
or prevention of welfare fraudor prevention of welfare fraud– persopersonal dnal documents, e.g. electronic drivers ocuments, e.g. electronic drivers
license or ID cardlicense or ID card
SECURITY INNOVATION ©20039
Ideal PropertiesIdeal Properties• UniversalityUniversality• UniquenessUniqueness• StabilityStability• QuantitativeQuantitative
Considerations• Performance • Acceptability• Forge resistance
Biometric IdentifiersBiometric Identifiers
SECURITY INNOVATION ©200310
• Covered in ISO/IEC 27N2949:Covered in ISO/IEC 27N2949:– recognition of signatures,recognition of signatures,– fingerprint analysis,fingerprint analysis,– speaker recognition,speaker recognition,– retinal scan,retinal scan,– iris scan,iris scan,– face recognition,face recognition,– hand geometry.hand geometry.
Biometric TechnologiesBiometric Technologies
SECURITY INNOVATION ©200311
• Found in the literature:Found in the literature:– vein recognition (hand),vein recognition (hand),– keystroke dynamics,keystroke dynamics,– palm print,palm print,– gait recognition,gait recognition,– ear shape.ear shape.
Other Biometric MethodsOther Biometric Methods
SECURITY INNOVATION ©200312
• Static:Static:– fingerprintfingerprint– retinal scanretinal scan– iris scaniris scan– hand hand
geometrygeometry
• Dynamic:Dynamic:– signature recognitionsignature recognition– speaker recognitionspeaker recognition
Classification of Biometric Classification of Biometric MethodsMethods
SECURITY INNOVATION ©200313
• Basic modules of a biometric system:Basic modules of a biometric system:– Data acquisitionData acquisition– Feature extractionFeature extraction– MatchingMatching– DecisionDecision– StorageStorage
Biometric System Biometric System ArchitectureArchitecture
SECURITY INNOVATION ©200314
Biometric System ModelBiometric System Model
Raw dataRaw data Extracted Extracted featuresfeatures templatetemplate
Authentication decisionAuthentication decision
Data Data collectioncollection
Signal Signal processingprocessing
matchingmatching
storagestorage
scorescore
decisiondecision
ApplicationApplication
SECURITY INNOVATION ©200315
• Reads the biometric info from the user.Reads the biometric info from the user.
• Examples: video camera, fingerprint Examples: video camera, fingerprint scanner/sensor, microphone, etc.scanner/sensor, microphone, etc.
• All sensors in a given system must be All sensors in a given system must be similar to ensure recognition at any similar to ensure recognition at any location.location.
• Environmental conditions may affect Environmental conditions may affect their performance.their performance.
Data Acquisition ModuleData Acquisition Module
SECURITY INNOVATION ©200316
• Discriminating features extracted from Discriminating features extracted from the raw biometric data.the raw biometric data.
• Raw data transformed into small set of Raw data transformed into small set of bytes – storage and matching.bytes – storage and matching.
• Various ways of extracting the features.Various ways of extracting the features.• Pre-processing of raw data usually Pre-processing of raw data usually
necessary.necessary.
Feature Extraction Feature Extraction ModuleModule
SECURITY INNOVATION ©200317
• The core of the biometric system.The core of the biometric system.• Measures the similarity of the claimant’s Measures the similarity of the claimant’s
sample with a reference template.sample with a reference template.• Typical methods: distance metrics, Typical methods: distance metrics,
probabilistic measures, neural networks, probabilistic measures, neural networks, etc.etc.
• The result: a number known as match The result: a number known as match score.score.
Matching ModuleMatching Module
SECURITY INNOVATION ©200318
• Interprets the match score from the Interprets the match score from the matching module.matching module.
• Typically a binary decision: yes or no.Typically a binary decision: yes or no.• May require more than one submitted May require more than one submitted
samples to reach a decision: 1 out of 3.samples to reach a decision: 1 out of 3.• May reject a legitimate claimant or May reject a legitimate claimant or
accept an impostor.accept an impostor.
Decision ModuleDecision Module
SECURITY INNOVATION ©200319
• Maintains the templates for enrolled Maintains the templates for enrolled users.users.
• One or more templates for each user.One or more templates for each user.• The templates may be stored in:The templates may be stored in:
– a special component in the biometric device,a special component in the biometric device,– conventional computer database,conventional computer database,– portable memories such as smartcards.portable memories such as smartcards.
Storage ModuleStorage Module
SECURITY INNOVATION ©200320
• Capturing, processing and storing of the Capturing, processing and storing of the biometric template.biometric template.
• Crucial for the system performance.Crucial for the system performance.• Requirements for enrolment:Requirements for enrolment:
– secure enrolment procedure,secure enrolment procedure,– check of template quality and check of template quality and
“matchability”,“matchability”,– binding of the biometric template to the binding of the biometric template to the
person being enrolled.person being enrolled.
EnrolmentEnrolment
SECURITY INNOVATION ©200321
• A genuine individual is accepted.A genuine individual is accepted.• A genuine individual is rejected (error).A genuine individual is rejected (error).• An impostor is rejected.An impostor is rejected.• An impostor is accepted (error).An impostor is accepted (error).
Possible Decision Possible Decision OutcomesOutcomes
SECURITY INNOVATION ©200322
• Balance needed between 2 types of Balance needed between 2 types of error:error:– Type IType I: system fails to recognize valid user : system fails to recognize valid user
(‘false non-match’ or ‘false rejection’).(‘false non-match’ or ‘false rejection’).– Type IIType II: system accepts impostor (‘false : system accepts impostor (‘false
match’ or ‘false acceptance’).match’ or ‘false acceptance’).
• Application dependent trade-off between Application dependent trade-off between two error types.two error types.
ErrorsErrors
SECURITY INNOVATION ©200323
• Error tolerance threshold is crucial and Error tolerance threshold is crucial and application dependent.application dependent.
• Tolerance too large gives Type II error Tolerance too large gives Type II error (admit impostors).(admit impostors).
• Tolerance too small gives Type I errors Tolerance too small gives Type I errors (reject legitimate users).(reject legitimate users).
• Equal error rate for comparison: false Equal error rate for comparison: false non-match equal to false match.non-match equal to false match.
Tolerance ThresholdTolerance Threshold
SECURITY INNOVATION ©200324
• Signature recognitionSignature recognition• Voice recognitionVoice recognition• Retinal scanRetinal scan• Iris scanIris scan• Face biometricsFace biometrics• Hand geometryHand geometry
Biometric TechnologiesBiometric Technologies
SECURITY INNOVATION ©200325
• Signatures in wide use for many years.Signatures in wide use for many years.• Signature generating process a trained Signature generating process a trained
reflex - imitation difficult especially ‘in reflex - imitation difficult especially ‘in real time’.real time’.
• Automatic signature recognition Automatic signature recognition measures the dynamics of the signing measures the dynamics of the signing process.process.
Signature RecognitionSignature Recognition
SECURITY INNOVATION ©200326
• Variety of characteristics can be used:Variety of characteristics can be used:– angle of the pen,angle of the pen,– pressure of the pen,pressure of the pen,– total signing time,total signing time,– velocity and acceleration,velocity and acceleration,– geometry.geometry.
Dynamic Signature Dynamic Signature RecognitionRecognition
SECURITY INNOVATION ©200327
Dynamic Signature Dynamic Signature Verification (I)Verification (I)
Electronic pen [LCI-SmartPen]
SECURITY INNOVATION ©200328
Dynamic Signature Dynamic Signature Verification (II)Verification (II)
Digitising tablet [Hesy Signature Pad by BS Biometric Systems GmbH]
Digitising tablet by Wacom Technologies
SECURITY INNOVATION ©200329
Signature Recognition: Signature Recognition: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– Resistance to forgeryResistance to forgery– Widely acceptedWidely accepted– Non-intrusiveNon-intrusive– No record of the signatureNo record of the signature
• Disadvantages:Disadvantages:– Signature inconsistenciesSignature inconsistencies– Difficult to useDifficult to use– Large templates (1K to 3K)Large templates (1K to 3K)
SECURITY INNOVATION ©200330
• Ridge patterns on fingers uniquely Ridge patterns on fingers uniquely identify people.identify people.
• Classification scheme devised in 1890s.Classification scheme devised in 1890s.• Major features: arch, loop, whorl.Major features: arch, loop, whorl.• Each fingerprint has at least one of the Each fingerprint has at least one of the
major features and many ‘small’ major features and many ‘small’ features.features.
Fingerprint RecognitionFingerprint Recognition
SECURITY INNOVATION ©200332
• In a machine system, reader must In a machine system, reader must minimize image rotation.minimize image rotation.
• Look for minutiae and compare.Look for minutiae and compare.• Minor injuries a problem.Minor injuries a problem.• Automatic systems can not be Automatic systems can not be
defrauded by detached real fingers.defrauded by detached real fingers.
Fingerprint Recognition Fingerprint Recognition (cont.)(cont.)
SECURITY INNOVATION ©200333
• Basic steps for fingerprint Basic steps for fingerprint authentication:authentication:– Image acquisition,Image acquisition,– Noise reduction,Noise reduction,– Image enhancement,Image enhancement,– Feature extraction,Feature extraction,– Matching.Matching.
Fingerprint Fingerprint AuthenticationAuthentication
SECURITY INNOVATION ©200334
a)a) OriginalOriginal
b)b) OrientationOrientation
c)c) BinarisedBinarised
d)d) ThinnedThinned
e)e) MinutiaeMinutiae
f)f) Minutia Minutia graphgraph
Fingerprint ProcessingFingerprint Processing
aa
ffee
ddcc
bb
SECURITY INNOVATION ©200335
Fingerprint RecognitionFingerprint Recognition
• SensorsSensors– optical sensorsoptical sensors– ultrasound sensorsultrasound sensors– chip-based sensorschip-based sensors– thermal sensorsthermal sensors
• Integrated productsIntegrated products– for identification – AFIS systemsfor identification – AFIS systems– for verificationfor verification
SECURITY INNOVATION ©200336
Fingerprint Recognition: Fingerprint Recognition: Sensors (I)Sensors (I)
Optical fingerprint sensor[Fingerprint Identification Unit
FIU-001/500 by Sony]
Electro-optical sensor [DELSY® CMOS sensor modul]
Capacitive sensor[FingerTIP™ by Infineon]
SECURITY INNOVATION ©200337
Fingerprint Recognition: Fingerprint Recognition: Sensors (II)Sensors (II)
E-Field Sensor[FingerLoc™ by Authentec]
Thermal sensor[FingerChip™ by ATMEL
(was: Thomson CSF)]
SECURITY INNOVATION ©200338
Fingerprint Recognition: Fingerprint Recognition: Integrated Systems (I)Integrated Systems (I)
[BioMouse™ Plus by American Biometric Company]
Physical Access Control System [BioGate Tower by Bergdata]
[ID Mouse by Siemens]
SECURITY INNOVATION ©200339
Fingerprint Recognition: Fingerprint Recognition: Integrated Systems (II)Integrated Systems (II)
[TravelMate 740 by Compaq und Acer]
Keyboard [G 81-12000 by Cherry]
System including fingerprint sensor,smartcard reader anddisplay by DELSY
SECURITY INNOVATION ©200340
Fingerprint Recognition: Fingerprint Recognition: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– Mature technologyMature technology– Easy to use/non-intrusiveEasy to use/non-intrusive– High accuracyHigh accuracy– Long-term stabilityLong-term stability– Ability to enrol multiple fingersAbility to enrol multiple fingers
• Disadvantages:Disadvantages:– Inability to enrol some usersInability to enrol some users– Affected by skin conditionAffected by skin condition– Association with forensic applicationsAssociation with forensic applications
SECURITY INNOVATION ©200341
• Linguistic and speaker dependent Linguistic and speaker dependent acoustic patterns.acoustic patterns.
• Speaker’s patterns reflect:Speaker’s patterns reflect:– anatomy (size and shape of mouth and anatomy (size and shape of mouth and
throat),throat),– behavioral (voice pitch, speaking style).behavioral (voice pitch, speaking style).
• Heavy signal processing involved Heavy signal processing involved (spectral analysis, periodicity, etc)(spectral analysis, periodicity, etc)
Speech RecognitionSpeech Recognition
SECURITY INNOVATION ©200342
• Text-dependent: predetermined set of Text-dependent: predetermined set of phrases for enrolment and identification.phrases for enrolment and identification.
• Text-prompted: fixed set of words, but Text-prompted: fixed set of words, but user prompted to avoid recorded user prompted to avoid recorded attacks. attacks.
• Text-independent: free speech, more Text-independent: free speech, more difficult to accomplish.difficult to accomplish.
Speaker Recognition Speaker Recognition SystemsSystems
SECURITY INNOVATION ©200343
Speaker Recognition: Speaker Recognition: Advantages/ Advantages/
DisadvantagesDisadvantages• Advantages:Advantages:
– Use of existing telephony infrastructureUse of existing telephony infrastructure– Easy to use/non-intrusive/hands freeEasy to use/non-intrusive/hands free– No negative associationNo negative association
• Disadvantages:Disadvantages:– Pre-recorded attackPre-recorded attack– Variability of the voiceVariability of the voice– Affected by noiseAffected by noise– Large template (5K to 10K)Large template (5K to 10K)
SECURITY INNOVATION ©200344
Eye BiometricEye Biometric
• Retina:Retina:– back inside of the eye ball.back inside of the eye ball.– pattern of blood vessels used for pattern of blood vessels used for
identificationidentification
• Iris:Iris:– colored portion of the eye surrounding the colored portion of the eye surrounding the
pupil.pupil.– complex iris pattern used for identificationcomplex iris pattern used for identification..
SECURITY INNOVATION ©200345
• Accurate biometric measure.Accurate biometric measure.• Genetically independent: identical twins Genetically independent: identical twins
have different retinal pattern.have different retinal pattern.• Highly protected, internal organ of the Highly protected, internal organ of the
eye.eye.• May change during the life of a person.May change during the life of a person.
Retinal PatternRetinal Pattern
SECURITY INNOVATION ©200346
Retinal RecognitionRetinal Recognition
Retinal recognition system [Icam 2001 by Eyedentify]
SECURITY INNOVATION ©200347
Retinal Scan: Retinal Scan: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– High accuracyHigh accuracy– Long-term stabilityLong-term stability– Fast verificationFast verification
• Disadvantages:Disadvantages:– Difficult to useDifficult to use– IntrusiveIntrusive– Limited applicationsLimited applications
SECURITY INNOVATION ©200348
• Iris pattern possesses a high degree of Iris pattern possesses a high degree of randomness: extremely accurate biometric.randomness: extremely accurate biometric.
• Genetically independent: identical twins have Genetically independent: identical twins have different iris pattern.different iris pattern.
• Stable throughout life.Stable throughout life.• Highly protected, internal organ of the eye.Highly protected, internal organ of the eye.• Patterns can be acquired from a distance (1m).Patterns can be acquired from a distance (1m).• Patterns can be encoded into 256 bytes.Patterns can be encoded into 256 bytes.
Iris PropertiesIris Properties
SECURITY INNOVATION ©200349
• Iris code developed by John Daugman at Iris code developed by John Daugman at Cambridge.Cambridge.
• Extremely low error rates.Extremely low error rates.• Fast processing.Fast processing.• Monitoring of pupils oscillation to prevent Monitoring of pupils oscillation to prevent
fraud.fraud.• Monitoring of reflections from the moist cornea Monitoring of reflections from the moist cornea
of the living eye.of the living eye.
Iris RecognitionIris Recognition
SECURITY INNOVATION ©200351
Iris RecognitionIris Recognition
System for active iris recognition by IrisScan
System for passive iris recognition by Sensar
SECURITY INNOVATION ©200352
Iris Recognition: Iris Recognition: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– High accuracyHigh accuracy– Long term stabilityLong term stability– Nearly non-intrusiveNearly non-intrusive– Fast processingFast processing
• Disadvantages:Disadvantages:– Not exactly easy to useNot exactly easy to use– High false non-match ratesHigh false non-match rates– High costHigh cost
SECURITY INNOVATION ©200353
• Static controlled or dynamic uncontrolled Static controlled or dynamic uncontrolled shots.shots.
• Visible spectrum or infrared Visible spectrum or infrared (thermographs).(thermographs).
• Non-invasive, hands-free, and widely Non-invasive, hands-free, and widely accepted.accepted.
• Questionable discriminatory capability.Questionable discriminatory capability.
Face-scan and Facial Face-scan and Facial ThermographsThermographs
SECURITY INNOVATION ©200354
• Visible spectrum: inexpensive.Visible spectrum: inexpensive.• Most popular approaches:Most popular approaches:
– eigen faces,eigen faces,– Local feature analysis.Local feature analysis.
• Affected by pose, expression, hairstyle, Affected by pose, expression, hairstyle, make-up, lighting, eyeglasses.make-up, lighting, eyeglasses.
• Not a reliable biometric measure.Not a reliable biometric measure.
Face RecognitionFace Recognition
SECURITY INNOVATION ©200355
Face RecognitionFace Recognition
Face recognition system[One-to-One™ by Biometric Access Corporation]
Face recognition system [TrueFace Engine by Miros]
SECURITY INNOVATION ©200356
Face Recognition: Face Recognition: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– Non-intrusiveNon-intrusive– Low costLow cost– Ability to operate covertlyAbility to operate covertly
• Disadvantages:Disadvantages:– Affected by appearance/environmentAffected by appearance/environment– High false non-match ratesHigh false non-match rates– Identical twins attackIdentical twins attack– Potential for privacy abusePotential for privacy abuse
SECURITY INNOVATION ©200357
• Captures the heat emission patterns Captures the heat emission patterns derived from the blood vessels under derived from the blood vessels under the skin.the skin.
• Infrared camera: unaffected by external Infrared camera: unaffected by external changes (even plastic surgery!) or changes (even plastic surgery!) or lighting. lighting.
• Unique but accuracy questionable.Unique but accuracy questionable.• Affected by emotional and health state.Affected by emotional and health state.
Facial ThermographFacial Thermograph
SECURITY INNOVATION ©200358
Facial Thermograph: Facial Thermograph: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– Non-intrusiveNon-intrusive– StableStable– Not affected by external changesNot affected by external changes– Identical twins resistantIdentical twins resistant– Ability to operate covertlyAbility to operate covertly
• Disadvantages:Disadvantages:– High cost (infrared camera)High cost (infrared camera)– New technologyNew technology– Potential for privacy abusePotential for privacy abuse
SECURITY INNOVATION ©200359
• Features: dimensions and shape of the Features: dimensions and shape of the hand, fingers, and knuckles as well as hand, fingers, and knuckles as well as their relative locations.their relative locations.
• Two images taken: one from the top and Two images taken: one from the top and one from the side.one from the side.
Hand GeometryHand Geometry
SECURITY INNOVATION ©200360
Hand Geometry ReadingHand Geometry Reading
Hand geometry reader by Recognition Systems
Hand geometry reader for two finger recognition by BioMet Partners
SECURITY INNOVATION ©200361
Hand Geometry: Hand Geometry: Advantages / Advantages /
DisadvantagesDisadvantages• Advantages:Advantages:
– Not affected by environmentNot affected by environment– Mature technologyMature technology– Non-intrusiveNon-intrusive– Relatively stableRelatively stable
• Disadvantages:Disadvantages:– Low accuracyLow accuracy– High costHigh cost– Relatively large readersRelatively large readers– Difficult to use for some users (Difficult to use for some users (arthritis, arthritis,
missing fingers or large hands)missing fingers or large hands)
SECURITY INNOVATION ©200362
Multimodal Biometric Multimodal Biometric SystemsSystems
• Combination of biometric technologies Combination of biometric technologies – Fingerprint and face recognitionFingerprint and face recognition– Face recognition and lip movementFace recognition and lip movement– Fingerprint recognition and dynamic Fingerprint recognition and dynamic
signature verificationsignature verification
• Increase the level of security achieved Increase the level of security achieved by the systemby the system
• Enlarge the user baseEnlarge the user base
SECURITY INNOVATION ©200363
How good are biometric How good are biometric products?products?
• How can we find out, how good a How can we find out, how good a biometric product is?biometric product is?– Empirical tests of the productEmpirical tests of the product
• There have been independent tests on a There have been independent tests on a series of biometric productsseries of biometric products– in Japanin Japan– in Germanyin Germany
SECURITY INNOVATION ©200364
Different Threat Different Threat ScenariosScenarios
1.1. Regular biometric Regular biometric sensor using sensor using artificially artificially generated generated biometric data biometric data
2.2. Replay attack of Replay attack of eavesdropped eavesdropped biometric databiometric data
3.3. Manipulation of Manipulation of stored biometric stored biometric reference datareference data
SECURITY INNOVATION ©200365
Japanese TestJapanese Test• Tsutomu Matsumoto, a Japanese Tsutomu Matsumoto, a Japanese
cryptographer working at Yokohama cryptographer working at Yokohama National University National University
• 11 state-of-the-art fingerprint sensors11 state-of-the-art fingerprint sensors• 2 different processes to make gummy 2 different processes to make gummy
fingersfingers– from live finger from live finger – from latent fingerprint from latent fingerprint
Gummy fingers fooled fingerprint Gummy fingers fooled fingerprint sensors 80% of the timesensors 80% of the time
SECURITY INNOVATION ©200366
Test in Germany (I)Test in Germany (I)• 11 biometric sensors 11 biometric sensors
– 9 fingerprint sensors, 9 fingerprint sensors, – 1 face recognition system, and 1 face recognition system, and – 1 iris scanner1 iris scanner
• Fingerprint sensors – Fingerprint sensors – – reactivate latent fingerprints (optical and capacitive reactivate latent fingerprints (optical and capacitive
sensors)sensors)– apply latex finger (thermal sensor)apply latex finger (thermal sensor)
• Face recognition system – Face recognition system – – down- (up-) load biometric reference data from (to) down- (up-) load biometric reference data from (to)
hard diskhard disk– no or only weak life detectionno or only weak life detection
SECURITY INNOVATION ©200367
Test in Germany (II)Test in Germany (II)
• Iris recognition – Iris recognition – – picture of iris of enrolled person with cut-out picture of iris of enrolled person with cut-out
pupil, where a real pupil is displayedpupil, where a real pupil is displayed
All tested biometric systems could be All tested biometric systems could be fooled, but the effort differed fooled, but the effort differed
considerablyconsiderably
SECURITY INNOVATION ©200368
• Does the application need identification Does the application need identification or authentication?or authentication?
• Is the collection point attended or Is the collection point attended or unattended?unattended?
• Are the users used to the biometrics?Are the users used to the biometrics?• Is the application covert or overt?Is the application covert or overt?
Choosing the BiometricsChoosing the Biometrics
SECURITY INNOVATION ©200369
• Are the subjects cooperative or non-Are the subjects cooperative or non-cooperative?cooperative?
• What are the storage requirement What are the storage requirement constraints?constraints?
• How strict are the performance How strict are the performance requirements?requirements?
• What types of biometrics are acceptable What types of biometrics are acceptable to the users?to the users?
Choosing the Biometrics Choosing the Biometrics (cont.)(cont.)
SECURITY INNOVATION ©200370
ConclusionsConclusions
• Biometric technology has great potentialBiometric technology has great potential• There are many biometric products There are many biometric products
around, regarding the different biometric around, regarding the different biometric technologiestechnologies
• Shortcomings of biometric systems due to Shortcomings of biometric systems due to – manufacturers ignorance of security concernsmanufacturers ignorance of security concerns– lack of quality controllack of quality control– standardisation problemsstandardisation problems
• Biometric technology is very promising Biometric technology is very promising • Manufacturers have to take security Manufacturers have to take security
concerns seriousconcerns serious