capture replay attacks

Capture/replay is the name given to attacks where the biometric signals from an
enrolled user are captured at one place and time and replayed later (usually at the
same place) in an attempt to fool the system that the enrolled used is present. Although
this can arguably occur at many points in the biometric system, the terminology usually
applies to electrical signals captured between the capture device and the rest of the
system. It may be a particular problem where there is a large and unsupervised path
between the 2 components such as a network connection.
Solutions
A number of technical and procedural solutions are available including:
· Physical security (tamper resistance and detection, guards, inspections etc)
· Data encryption with unique session keys/time stamping for communications paths
· Access control to stored reference templates
· Reference templates marked and signed

Related posts:

1. Biometrics cannot be changed when compromised
2. Spoofing physiological biometric
3. Can my biometric be stolen?
4. Does using biometrics increase likelihood of capture, coercion or
5. The biometric system must be able to detect and reject the use of a copy of
6. Template integrity and confidentiality are distinctly different

Related posts brought to you by Yet Another Related Posts Plugin.