Spoofing physiological biometric

Spoofing through the use of artefacts is generally a concern for physiological biometric
technologies such as fingerprint, hand, iris etc. Several studies dating from around
1998 have demonstrated the potential for successfully mounting a spoofing attack
under carefully controlled conditions.
If spoofing attacks can be successful, the fundamental tenet of biometrics – the
“something you are” – is undermined. Spoofing involves 2 stages: a) - the capture of a
biometric “image” belonging to an enrolled user, and b) - transferring the biometric
image onto an artefact.
Some features will be more difficult to observe and capture than others, and the skill
needed to create a successful artefact will be dependent on both the biometric feature
and how resistant the system is to artefacts. Faces are easily captured by
photography. Fingerprint patterns may be captured through the lifting of latent or
residual images left on smooth surfaces. Voices may be captured on tape or other
audio recorder. Some biometric images will be difficult to capture, e.g. retinal patterns,
without the use of sophisticated and conspicuous equipment. Of course, given
cooperation by the legitimate user, the capturing of biometric features is likely to be
much easier.
Constructing an artefact containing the biometric features is also subject to varying
difficulty depending on the feature involved and the sophistication required of the
artefact, which in turn depends on the countermeasures in place.
Spoofing attacks may be countered by technical and procedural countermeasures.

Related posts

• Valuable assets are traditionally protected by secrecy (0)
• Mimicry is to behavioural biometrics (0)
• Biometrics cannot be changed when compromised (0)
• biometrics resource (0)
• Biometrics do not provide perfect identification (0)