4. Clare Nelson, @Safe_SaaS
Samsung Galaxy S8
Source: https://www.finextra.com/newsarticle/30479/samsung-galaxy-s8-facial-recognition-software-not-ready-for-payments
Source: http://www.businessinsider.com/samsung-galaxy-s8-iris-scanner-fbi-fingerprint-tech-princeton-identity-2017-4
April 2017: Face spoofed
May 2017: Iris spoofed
5. Clare Nelson, @Safe_SaaS
iPhone X, Face ID
Source: https://venturebeat.com/2017/09/12/iphone-x-ditches-touch-id-for-face-id/
Source: http://bgr.com/2017/09/12/iphone-x-price-specs-features/
Source: https://findbiometrics.com/apple-face-id-iphone-x-409125/
September 2017: Announced
Date TBD: Face ID spoofed
7. Clare Nelson, @Safe_SaaS
Biometric Recognition
Automated recognition of individuals based on their biological and behavioral characteristics
Source: http://biometrics.derawi.com/?page_id=101
Source: http://searchsecurity.techtarget.com/definition/biometric-authentication
Graphic: https://findbiometrics.com/biometrics-market-2025-tractica-402062/
8. Clare Nelson, @Safe_SaaS
Biometric Recognition System
Source: https://www.aware.com/what-are-biometrics/biometric-processes/
Diagram: live capture produces a biometric sample, from which a biometric template is extracted; at enrollment the template is written to the template database and image archive, and at recognition a freshly captured template is compared against the stored one, yielding match or no match (non-match)
Biometrics are unique physical and behavioral features
• Can be sensed by devices
• Interpreted by computers
• Used as proxies of our physical selves in the digital realm
9. Clare Nelson, @Safe_SaaS
Ask if Images Are Saved
Source: http://www.bioelectronix.com/what_is_biometrics.html
Diagram: a digital image goes through feature extraction to produce the biometric template
11. Clare Nelson, @Safe_SaaS
Presentation Attack
ISO/IEC 30107 Definition
Presentation Attack
Presentation to the biometric data capture subsystem with the goal of interfering with the operation of the biometric system
Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:30107:-1:ed-1:v1:en
Graphic: https://www.semanticscholar.org/paper/Presentation-attack-detection-algorithm-for-face-a-Raghavendra-Busch/5b7cbc9067dd1bbe115fe91b0ac25a5819052534
Presentation attacks may have a number of goals, including
• Impersonation
• Not being recognized
Biometric systems may not differentiate between attacks and non-conformant presentations
Graphic caption: (a) Raw images, (b) 2D Cepstrum results, (c) Binarized Statistical Image Features (BSIF) results
12. Clare Nelson, @Safe_SaaS
Non-Conformant Presentation
Source: https://techcrunch.com/2017/09/15/interview-apples-craig-federighi-answers-some-burning-questions-about-face-id/ (September 2017)
Graphic: http://www.businessinsider.com/apple-suppliers-iphone-x-sales-shipments-2017-9
Graphic: http://electronics.howstuffworks.com/gadgets/high-tech-gadgets/nightvision1.htm
Face ID
• Polarized lenses are no problem
• Some lenses block infrared (IR) radiation
• Use passcode
• Take off sunglasses
13. Clare Nelson, @Safe_SaaS
Presentation Attack,
ISO/IEC 30107
Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:30107:-1:ed-1:v1:en
Graphic: https://www.cse.msu.edu/~rossarun/pubs/FengJainRoss_AlteredFingerprint_TechReport09.pdf
“Presentation attack can be implemented through a number of methods, e.g. artefact, mutilations, replay, etc.”
Graphic caption: (a) Transplanted fingerprints from toes, (b) Bitten fingers, (c) Fingers burned by acid, (d) Stitched fingers
14. Clare Nelson, @Safe_SaaS
Presentation Attack Detection (PAD)
Automated determination of a presentation attack
• Includes liveness detection
• Active, passive, or combination
Source: https://www.iso.org/obp/ui/#iso:std:iso-iec:30107:-1:ed-1:v1:en
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
Source: https://www.qafis.com/anti-spoofing
16. Clare Nelson, @Safe_SaaS
Biometric System Vulnerabilities
Source: http://www.cse.msu.edu/~rossarun/BiometricsTextBook/Papers/Security/JainNandakumarNagar_TemplateSecuritySurvey_EURASIP08.pdf
Source: http://www.m2sys.com/blog/biometric-hardware/black-hat-iris-biometrics-attacks-dont-tell-the-whole-story/
Diagram: taxonomy of biometric system failure
- Intrinsic failure: individuality of biometric trait; sensor, representation and comparison limitations
- Administration: insider attack, enrollment fraud, exception processing
- Biometric overtness: spoofing
- Non-secure infrastructure: hill climbing, replay, steal or modify templates, function creep, Trojan horse
Intrinsic Failure
- How individual are partial fingerprints?
- Uniqueness not formally proven
- Challenged in court cases
Administration
- Depends on human interactions
- Open to social engineering
Biometric Overtness
- Biometrics are not secrets
Infrastructure
- Hill climbing attacks subsided since 2012 Black Hat talk on iris attacks
- If perfect match, then fail, step-up
- Vulnerabilities of mobile device and/or server
- Includes blockchain in some cases
17. Clare Nelson, @Safe_SaaS
Source: https://www.nist.gov/sites/default/files/nstic-strength-authentication-discussion-draft.pdf
Biometric System Attack Diagram (Ratha 2001, ISO 2006, NIST 2015)
Demonstrate at least 90% resistance to presentation attacks.
Diagram: attack points along the biometric pipeline
- Data capture: presentation attack; override capture device; intercept image
- Signal processing: extract or modify biometric sample; override signal processor; modify probe
- Data storage: modify biometric reference; override database
- Comparator: modify score; override comparator
- Decision: modify decision; override decision engine
- Deceive machine learning
22. Deception of Deep Neural Networks
Source: https://arxiv.org/pdf/1511.04508.pdf
Source: https://stats.stackexchange.com/questions/182734/what-is-the-difference-between-a-neural-network-and-a-deep-neural-network
Graphic captions: Car (left), Cat (right)
Image on right was created by an adversarial algorithm from the image on left
• The altered image is incorrectly classified as a cat by the Deep Neural Network
Graphic labels: Neural Network; Deep Neural Network
23. Deception of Deep Neural Networks
Source: https://www.popsci.com/byzantine-science-deceiving-artificial-intelligence
Slight distortions made to original picture
Graphic captions: Unaltered image, Meenakshi Temple; Ostrich (classification of the distorted image)
24. Deception of Machine Learning
Adversarial Perturbations against Deep Neural Networks
Source: https://www.cs.cmu.edu/~sbhagava/papers/face-rec-ccs16.pdf
Source: https://www.researchgate.net/publication/312638997_Cracking_Classifiers_for_Evasion_A_Case_Study_on_the_Google's_Phishing_Pages_Filter
Perturbing eyeglass frames to impersonate Russell Crowe
Attacker evades recognition or impersonates another individual
• Deep Neural Networks (DNNs) can be misled by mildly perturbing inputs
• Adversary mounts dodging or impersonation attack after the system has been trained
• Adversary cannot “poison” the system by altering training data, injecting mislabeled data, etc.
• Adversary can alter only the composition of inputs to be classified
• Print eyeglass frame pattern, attach to frames
Graphic caption: Geek frames
27. Mobile Biometrics Growth
Source: http://www.biometricupdate.com/201611/biometric-authentication-to-be-used-in-over-600m-mobile-devices-by-2021-juniper-research
Source: https://aimbrain.com/wp-content/uploads/2017/09/AimBrain-Cloud-Biometrics-BIDaaS-Paper-final.pdf
Finger, Iris, Face, Voice
Native, comes with device from manufacturer
2016: 190 million mobile devices
2021: 600 million mobile devices
2023: Biometric authentication enables $1.37 trillion in payment and nonpayment transactions
29. Clare Nelson, @Safe_SaaS
Liveness Detection
Source: ISO 30107 download page: http://standards.iso.org/ittf/PubliclyAvailableStandards/c053227_ISO_IEC_30107-1_2016.zip
Determine if a biometric sample is being captured from a living subject at the point of capture
Anatomical characteristics
• Absorption of illumination by the skin and blood
Involuntary (physiological) reactions
• Reaction of the iris to light
• Heart activity (pulse)
Voluntary reactions or subject behaviors
• Squeeze fingers in hand geometry
• Respond to cue (blink, turn head)
32. Emerging Standards for Liveness Detection
Fast Identity Online (FIDO) Alliance
• Protocol for liveness detection evaluation: enroll live fingers, then attempt spoof attacks against the enrolled templates
• Attacks performed with different spoof materials (species) must meet the same performance standard
International Organization for Standardization (ISO)
• Standards for liveness detection, ISO/IEC 30107
• Presentation Attack Detection
Federal Office for Information Security, Germany
• International standard, Common Criteria, offers certification for liveness detection to sensor manufacturers
• Safran Morpho (France) is the first and only vendor thus far to achieve this rigorous certification
Source: https://precisebiometrics.com/products/fingerprint-spoof-liveness-detection/
Source: https://www.morpho.com/en/media/safran-identity-security-enhances-convenience-and-security-its-selfie-check-mobile-authentication-solution-20170223
Graphic: http://www.bbc.com/news/technology-34466322
Graphic caption: Turn head to right, left, down, or combination
33. Clare Nelson, @Safe_SaaS
Source: http://livdet.org/index.php
Liveness Detection Competition
Iris, Finger
LivDet-Iris 2017
Iris Liveness Detection Competition
Hosts
• University of Notre Dame
• West Virginia University
• Warsaw University of Technology
Part of International Joint Conference on Biometrics (IJCB) 2017
34. Clare Nelson, @Safe_SaaS
How to Detect a Virtual Reality Spoof?
Source: https://www.iso.org/standard/53227.html
Source: https://www.wired.com/2016/08/hackers-trick-facial-recognition-logins-photos-facebook-thanks-zuck/
Digital 3-D facial models based on publicly available photos (Facebook)
• Displayed with mobile virtual reality technology
• Defeated facial recognition systems
Diagram (steps 1 to 6): input web photos; feature extraction; 3D model construction; image texturing; gaze correction; expression animation; the result is viewed with a virtual reality system
35. Clare Nelson, @Safe_SaaS
Trusted Biometrics under Spoofing Attacks (TABULA RASA)
Graphic: https://ec.europa.eu/commission/index_en
Graphic: http://www.ee.oulu.fi/~gyzhao/research/gait_recognition.htm
Graphic: http://www.homelandsecuritynewswire.com/dr20120302-researchers-develop-pulse-biometrics
Funded by the European Commission
Global, institutions from all over the world
TABULA RASA project
1. Standards, direct attacks to a range of biometrics, how vulnerable the different biometric traits are to these attacks
2. Combine multiple biometric traits to build a single system that is robust to direct attacks, and examine novel methods to perform liveness detection
3. Study novel biometrics which might be robust to direct attacks
- Vein or electro-physiological signals (such as the heart beat)
- Gait
37. Clare Nelson, @Safe_SaaS
Source: https://www.researchgate.net/publication/312937243_Presentation_Attack_Detection_Methods_for_Face_Recognition_Systems_-_A_Comprehensive_Survey
Presentation Attack Detection (PAD), Using Algorithms
(a) Bona fide image
(b) Laser printer artefact
(c) Inkjet printer artefact
(d) Display attack using iPad
Using Local Binary Patterns (LBPs) as PAD
39. Clare Nelson, @Safe_SaaS
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
PAD for Finger: Implement in Hardware, Software, or Both
Software
Assess characteristics of sample: sharpness of lines, presence of pores.
• Easier to implement
• Easier to update, including over the air (OTA) as anti-spoofing techniques improve
• Leverage machine learning
Hardware
Requires additional capabilities in fingerprint scanner: ability to sense pulse, temperature, and capacitance; none of which can be done in software alone
• Greater ability to detect “liveness” of finger being scanned
• More expensive
• Consumes more power
• May introduce latency if, for example, there is a need to sense multiple heartbeats
41. Clare Nelson, @Safe_SaaS
Template Reverse Engineering:
Fingerprint Reconstruction from Minutiae
Source: http://biometrics.cse.msu.edu/Publications/Fingerprint/FengJain_FpReconstruct_PAMI10.pdf
Problem: widespread deployment of fingerprint recognition systems
• Compromised fingerprint templates may be used to make fake fingers
• Fake fingers could then be used to deceive all fingerprint systems the same person is enrolled in
Graphic caption: Fingerprint Reconstruction
42. Clare Nelson, @Safe_SaaS
Is it Possible to Reverse-Engineer a Biometric Template?
Is it possible to regenerate the original biometric sample from its template? YES
• Template is a compact description of original data
• Template generation techniques had been presumed to be “one-way” schemes
• But inverse biometrics can regenerate original biometric samples from templates
Source: http://publications.idiap.ch/downloads/papers/2017/Akhtar_IEEEMM_2017.pdf
Source: http://ieeexplore.ieee.org/document/6460373/
Source: Biometrics: In Search of Identity and Security
Zahid Akhtar, Abdenour Hadid, Mark Nixon, Massimo Tistarelli, Jean-Luc Dugelay, Sébastien Marcel
• University of Quebec, Canada
• University of Oulu, Finland
• University of Southampton, UK
• University of Sassari, Italy
• EURECOM, France
• Idiap Research Institute, Switzerland
June 2017
IEEE MultiMedia (Volume PP, Issue 99)
44. Clare Nelson, @Safe_SaaS
Cancelable Biometrics
Intentional, systematically repeatable distortions of biometric signals based on transforms
• Provides comparison of biometric templates in the transformed domain
• Instead of storing the biometrics, transformed templates are stored in the enrollment database
Inversion of transformed biometric templates must not be feasible for potential imposters
The application of transforms provides irreversibility and unlinkability of biometric templates
• Prevents the use of the same captured template for other applications
Source: http://publications.idiap.ch/downloads/papers/2017/Akhtar_IEEEMM_2017.pdf
Source: https://arxiv.org/pdf/1703.05455.pdf
Source: http://www.sciencedirect.com/science/article/pii/S0031320317300249
Source: https://www.bayometric.com/biometric-template-security/
Advantage
• The transformed template is revocable
• Biometric traits are irrevocable (hard to reset fingerprints or faces)
Diagram: enrolled data and query data each pass through the same parameterized transformation; the resulting cancellable templates are matched in the transform domain
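As an added illustration (not material from the deck or from any vendor it cites), the Python below sketches the enrollment and authentication paths of the slide with a BioHashing-style keyed random projection: the feature vector is projected with a matrix derived from per-application parameters and reduced to sign bits, only those bits are stored, and comparison happens in the transform domain. The feature vectors, the noise model and the application parameter strings are constructed for the example; it also exercises the revocation and unlinkability properties the slide claims.

```python
"""Cancelable biometric template via a keyed random projection (BioHashing-style).

Added example, not the deck's own material. Feature vectors are constructed; the
scheme is shown to make transform-domain matching, revocation and unlinkability
concrete, not as a production-grade template protection scheme.
"""
import random

FEATURE_DIM = 16        # length of the (constructed) real-valued feature vector
TEMPLATE_BITS = 128     # length of the stored cancelable template
MATCH_FRACTION = 0.20   # accept when at most 20% of template bits differ


def projection_matrix(params, dim=FEATURE_DIM, bits=TEMPLATE_BITS):
    """Derive the transform's weight matrix from application-specific parameters.

    `params` plays the role of the "Parameters" box in the slide's diagram: it is
    issued per application and can be replaced to revoke every template derived
    from it. Seeding with a string is deterministic in Python's random module.
    """
    rng = random.Random(params)
    return [[rng.gauss(0.0, 1.0) for _ in range(dim)] for _ in range(bits)]


def transform(features, params):
    """Project the feature vector and keep only the sign of each projection.

    The sign bits are the cancelable template; dropping the magnitudes is what
    makes recovering `features` from the template infeasible in this scheme.
    """
    return [1 if sum(w * x for w, x in zip(row, features)) >= 0.0 else 0
            for row in projection_matrix(params)]


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


def matches(stored_template, query_template, max_fraction=MATCH_FRACTION):
    """Compare in the transform domain only: the comparator never sees raw features."""
    return hamming(stored_template, query_template) <= max_fraction * len(stored_template)


def constructed_features(subject_id, noise_sigma=0.0, capture_id=0):
    """Constructed stand-in for a feature extractor's output (not real biometric data).

    The same subject_id always yields the same underlying vector; noise_sigma
    models the capture-to-capture variation a real sensor introduces.
    """
    base = random.Random(subject_id)
    vector = [base.uniform(-1.0, 1.0) for _ in range(FEATURE_DIM)]
    noise = random.Random(subject_id * 1000 + capture_id + 1)
    return [x + noise.gauss(0.0, noise_sigma) for x in vector]


def scenario():
    """Enroll one subject for one application and check the four advertised properties."""
    app_v1 = "bank-app-params-v1"      # constructed parameter identifiers
    app_v2 = "bank-app-params-v2"
    other_app = "health-app-params-v1"
    enrolled = transform(constructed_features(1), app_v1)
    genuine_query = transform(constructed_features(1, noise_sigma=0.05, capture_id=1), app_v1)
    impostor_query = transform(constructed_features(2), app_v1)
    same_subject_other_app = transform(constructed_features(1), other_app)
    reissued = transform(constructed_features(1), app_v2)   # after revoking app_v1
    return {
        "genuine_accepted": matches(enrolled, genuine_query),
        "impostor_rejected": not matches(enrolled, impostor_query),
        "unlinkable_across_apps": not matches(enrolled, same_subject_other_app),
        "old_template_revoked": not matches(reissued, enrolled),
    }


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {ok}")
```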
45. Clare Nelson, @Safe_SaaS
Biometric Cryptosystems
Cryptographic keys are generated from the corresponding biometric minutiae values
• Only store biometrically encrypted PIN or password, not the large biometric sample
Source: http://digitalcommons.unf.edu/cgi/viewcontent.cgi?article=1773&context=etd
Use of biometric encryption
• FBI, Integrated Automated Fingerprint Identification System (IAFIS)
• US-VISIT Program
• Transportation Security Administration (TSA) Registered Traveler
• Program with U.S. National Science and Technology Council’s Subcommittee on Biometrics
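To make the "store the encrypted secret, not the biometric" idea concrete, here is an added example (not from the deck or any of the programs it lists) of a fuzzy commitment, the classic key-binding biometric cryptosystem: a key is encoded with an error-correcting code, XORed with the binarized biometric, and only hash(key) plus that helper data are stored. The repetition code, bit-string lengths and sample bit strings are constructed for readability; a real system uses a stronger code and must assess what the helper data leaks.

```python
"""Biometric cryptosystem sketch: a fuzzy commitment binding a key to a biometric bit string.

Added example, not the deck's own material. Only hash(key) and helper data are stored;
the biometric sample itself is never written down. Bit strings are constructed.
"""
import hashlib
import random

REPEAT = 5                          # each key bit is repeated 5 times: up to 2 flips per run are corrected
KEY_BITS = 32                       # length of the bound key (e.g. a PIN or password key)
TEMPLATE_BITS = KEY_BITS * REPEAT   # length of the binarized biometric


def encode(key_bits):
    """Repetition code: every key bit becomes a run of REPEAT identical bits."""
    return [b for b in key_bits for _ in range(REPEAT)]


def decode(codeword_bits):
    """Majority vote inside each run recovers the key bit if fewer than half the run flipped."""
    return [1 if 2 * sum(codeword_bits[i:i + REPEAT]) > REPEAT else 0
            for i in range(0, len(codeword_bits), REPEAT)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def key_hash(key_bits):
    return hashlib.sha256(bytes(key_bits)).hexdigest()


def commit(biometric_bits, key_bits):
    """Enrollment: store hash(key) and helper = encode(key) XOR biometric, nothing else."""
    if len(biometric_bits) != TEMPLATE_BITS or len(key_bits) != KEY_BITS:
        raise ValueError("unexpected bit-string length")
    return {"key_hash": key_hash(key_bits), "helper": xor(encode(key_bits), biometric_bits)}


def reveal(record, biometric_bits):
    """Authentication: a query within the code's error tolerance yields the same key.

    Returns the key bits on success, None otherwise; the hash check rejects any
    decoding that does not reproduce the committed key exactly.
    """
    candidate = decode(xor(record["helper"], biometric_bits))
    return candidate if key_hash(candidate) == record["key_hash"] else None


def constructed_bits(seed, length=TEMPLATE_BITS):
    """Constructed stand-in for a binarized biometric template (not real data)."""
    rng = random.Random(seed)
    return [rng.randrange(2) for _ in range(length)]


def flip(bits, positions):
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


def scenario():
    enrolled = constructed_bits(seed=11)
    key = constructed_bits(seed=99, length=KEY_BITS)
    record = commit(enrolled, key)
    # Capture noise spread over four different runs (one flip each): all corrected.
    noisy_query = flip(enrolled, [0, 7, 22, 41])
    # Three flips inside one run (positions 10-14 form run 2) exceed the code's capacity.
    too_noisy_query = flip(enrolled, [10, 11, 12])
    impostor = constructed_bits(seed=12)
    return {
        "genuine_recovers_key": reveal(record, noisy_query) == key,
        "excess_noise_rejected": reveal(record, too_noisy_query) is None,
        "impostor_rejected": reveal(record, impostor) is None,
        "only_hash_and_helper_stored": set(record) == {"key_hash", "helper"},
    }


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {ok}")
```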
46. Clare Nelson, @Safe_SaaS
Homomorphic Encryption
ISO/IEC 24745 standard on biometric information protection
Irreversibility
• Biometric data shall be processed by irreversible transforms before storage
• Not feasible to reconstruct biometric sample from template
Unlinkability
• The unique biometric data (renewability) can be used to generate different versions of protected biometric templates, while not allowing their cross-matching (diversity)
• Stored biometric references should not be linkable across applications or databases
Source: https://pdfs.semanticscholar.org/4ded/dc1f8726e0f2f2b20f82d49cc7beae402f2e.pdf
48. Clare Nelson, @Safe_SaaS
Add Behavioral Biometrics, Device Sensor Data to Template
Source: http://www.bioelectronix.com/what_is_biometrics.html
Add multiple biological and behavioral biometrics, plus derived sensor data from device
Diagram: a digital image goes through feature extraction to produce the biometric template
49. Clare Nelson, @Safe_SaaS
Point-in-Time on Mobile Device vs Continuous in Cloud
Source: https://aimbrain.github.io/aimbrain-api/
Graphic: http://publications.idiap.ch/downloads/papers/2017/Akhtar_IEEEMM_2017.pdf
Point in time
• Mobile device
• Dozens of biometric and device-derived attributes, context, behavior
• Harder to reverse engineer, attack, or spoof
Continuous 24x7 data collection
• Biometric Identity as a Service (BIDaaS)
• Time, location, interaction
51. Clare Nelson, @Safe_SaaS
Blockchain
Source: https://www.slideshare.net/RobertvanMlken/blockchain-on-the-oracle-cloud-the-next-big-thing-80512974
• Permanent ledger
• Records written by owner with private key
• Everyone can view the record using the owner’s public key
• Data stored on the record can be encrypted, hashed
• Distributed, many copies
• Hashing algorithm used to connect the blocks is hard to break
52. Clare Nelson, @Safe_SaaS
Biometrics and Blockchain (Accenture, Microsoft Example)
Source: https://biometricsinstitute.org/data/Events/M182/11.30_IBM.pdf
Source: https://findbiometrics.com/id2020-supporters-blockchain-biometrics-406194/
Source: http://identity.foundation/
Source: http://id2020.org/
Decentralized identities anchored by blockchain IDs, linked to zero-trust datastores that are universally discoverable
ID2020: 1.1 billion people have no officially recognized identity
Accenture identity system based on Ethereum
• Runs on Azure
• Fingerprint, iris biometrics, among others
• Supports identification in a decentralized manner
• Identifies registered individuals by their biometric traits
53. Clare Nelson, @Safe_SaaS
Biometrics and Blockchain (IBM Hyperledger Example)
Source: https://biometricsinstitute.org/data/Events/M182/11.30_IBM.pdf
Decentralized Immutable Blockchain-based Object Storage (DInO)
Diagram label: Object Store
54. Clare Nelson, @Safe_SaaS
Biometrics and Blockchain (IBM Hyperledger Example)
Source: https://biometricsinstitute.org/data/Events/M182/11.30_IBM.pdf
Interoperability of Biometrics Using Blockchain
Diagram: data sharing scenarios
• Intra-Departmental Data Sharing
• Inter-Departmental Data Sharing
• International Border Management
55. Clare Nelson, @Safe_SaaS
Source: https://www.youtube.com/watch?v=UJBMerQ3kJA&t=14s
Graphic: https://www.qafis.com/face
Blockchain Concerns
• Cryptography: is it open source and peer vetted?
• How to recover lost private keys?
• How to revoke keys if stolen?
• Private blockchains may not be as publicly decentralized as the Bitcoin scheme
• Possible single points of failure subject to DDoS, hacking
• Super-user points of access by the governing bodies that define rules and permissions
• Load issues at high volume, large scale
56. Clare Nelson, @Safe_SaaS
Database vs Blockchain
Source: https://www.thepaypers.com/expert-opinion/blockchain-for-dummies-a-quick-guide-into-the-ledger-technology/761925
Secure? Central database of a trusted third party
Blockchain network: security by sharing?
More secure, or just a different threat model?
If still storing biometric images, especially in the clear, then not much advancement
Diagram labels: database, backup database; blockchain databases or mines
57. Clare Nelson, @Safe_SaaS
Blockchain, Difficult to Assess Risk
• Numerous blockchain varieties, implementations, e.g. private Ethereum
• “Difficult to construct a threat model on which to perform a risk assessment”
• Blockchain is complex, emerging, poorly understood
Source: https://www.vox.com/culture/2016/10/25/13341168/pepe-the-frog-alt-right-scott-adams
Source: https://www.gartner.com/smarterwithgartner/blockchain-combines-innovation-with-risk/
59. Clare Nelson, @Safe_SaaS
Biometrics: Attack Mitigations Based on Level of Risk
Graphic: https://www.accenture.com/us-en/success-unhcr-innovative-identity-management-system
Source: https://thestack.com/cloud/2017/06/22/accenture-and-microsoft-partner-on-blockchain-identity-prototype/
Source: https://www.accenture.com/_acnmedia/Accenture/Conversion-Assets/DotCom/Documents/Global/PDF/Dualpub_9/Accenture-Beating-the-Biometrics-Fraudsters.pdf#zoom=50
Know Your Risk Level
• Apply or invoke mitigations based on risk
• Weigh, consider, calculate: expense, performance degradation, user experience
• Contextual, adaptive mitigation options
Diagram: False Reject Rate (FRR) against False Acceptance Rate (FAR), by application type
• Low-risk applications: fraud detection may not be required
• Consumer applications: convenient fraud detection required
• High-security applications: strong fraud detection required
60. Clare Nelson, @Safe_SaaS
Alipay ‘Smile to Pay’
Source: http://www.alizila.com/alipay-launches-smile-to-pay-commercial-use/
Multistep process, 1-2 seconds of facial scanning
• 3D camera
• Liveness detection algorithm
• Algorithm can detect shadows and other features that can only come from living beings
• Blocks photos or video from attackers
• Adds phone number check
• KFC in Hangzhou, China
Today smile and phone number, tomorrow just smile
61. Clare Nelson, @Safe_SaaS
When Does Law Enforcement’s Demand to Read Your Data Become a Demand to Read Your Mind?
Source: https://cacm.acm.org/magazines/2017/9/220420-when-does-law-enforcements-demand-to-read-your-data-become-a-demand-to-read-your-mind/fulltext (September 2017)
– Andrew Conway, Peter Eckersley, Communications of the ACM, September 2017
“That gadget in your hand is not a phone, it is a prosthetic part of your mind, which happens to make telephone calls.”
Which parts of our thoughts should be shielded against prying or attacks? How do we do this?
62. Clare Nelson, @Safe_SaaS
Brainwave Biometrics
Source: https://findbiometrics.com/brainwave-biometrics-research-311115/
Investigate Security Vulnerabilities of Brainprint Biometrics
• Evaluate the strengths and weaknesses of brain biometrics
National Science Foundation (NSF)
• Awarded $1.2 M
• November 2016
64. Clare Nelson, @Safe_SaaS
We Stand on the Shoulders of Giants
Graphic: http://researcher.watson.ibm.com/researcher/view.php?person=us-ratha
Graphic: http://www.idiap.ch/~marcel/professional/Welcome.html
Graphic: https://www.egr.msu.edu/people/profile/jain
Graphic: http://nislab.no/people/norwegian_information_security_laboratory/professors/christoph_busch
Sébastien Marcel
Anil Jain
Christoph Busch
Nalini Ratha
67. Clare Nelson, @Safe_SaaS
• Andres, Joachim; blog, Smarter Security with Device Fingerprints, https://forgerock.org/2015/09/smarter-security-with-device-fingerprints/?mkt_tok=3RkMMJWWfF9wsRonv6TIeu%2FhmjTEU5z16u8kWaSyhokz2EFye%2BLIHETpodcMTcFnM7DYDBceEJhqyQJxPr3GKtYNysBvRhXlDQ%3D%3D (September 2015)
• Attribute-based Credentials for Trust (ABC4Trust) Project, https://abc4trust.eu/
• AU2EU Project, Authentication and Authorization for Entrusted Unions, http://www.au2eu.eu/
• Barbir, Abbie, Ph.D; Multi-Factor Authentication Methods Taxonomy, http://docslide.us/documents/multi-factor-authentication-methods-taxonomy-abbie-barbir.html (2014)
• Bonneau, Joseph, et al.; Passwords and the Evolution of Imperfect Authentication, Communications of the ACM, Vol. 58, No. 7 (July 2015)
• Elliott, Stephen; Kukula, Eric; A definitional framework for the human/biometric sensor interaction model, https://www.spiedigitallibrary.org/conference-proceedings-of-spie/7667/1/A-definitional-framework-for-the-humanbiometric-sensor-interaction-model/10.1117/12.850595.short (April 2010)
• Jain, Anil; Nandakumar, Karthik; Nagar, Abhishek; Biometric Template Security, http://biometrics.cse.msu.edu/Publications/SecureBiometrics/JainNandakumarNagar_TemplateSecuritySurvey_EURASIP08.pdf (2007)
• Keenan, Thomas; Hidden Risks of Biometric Identifiers and How to Avoid Them, University of Calgary, Black Hat USA, https://www.blackhat.com/docs/us-15/materials/us-15-Keenan-Hidden-Risks-Of-Biometric-Identifiers-And-How-To-Avoid-Them-wp.pdf (August 2015)
References, 1 of 3
68. Clare Nelson, @Safe_SaaS
• Hardjono, Thomas; Pentland, Alex “Sandy”; MIT Connection Science & Engineering; Core Identities for Future Transaction Systems, https://static1.squarespace.com/static/55f6b5e0e4b0974cf2b69410/t/57f7a1653e00be2c09eb96e7/1475846503159/Core-Identity-Whitepaper-v08.pdf (October 7, 2016). [TBD: check back, right now it is a DRAFT, do not cite]
• Jankovich, Thomas; “Blockchain Makes Digital ID a Reality,” https://finxtech.com/2016/12/02/blockchain-makes-digital-id-reality/ (December 2016)
• Jin, Zhe; Lai, Yen-Lung; Hwang, Jung Yeon; Ranking Based Locality Sensitive Hashing Enabled Cancelable Biometrics: Index-of-Max Hashing, https://arxiv.org/pdf/1703.05455.pdf (2017)
• Johnstone, Mike; Why we need privacy-preserving authentication in the Facebook age, http://www.iaria.org/conferences2015/filesICSNC15/ICSNC_Keynote_v1.1a.pdf (November 2013)
• Kung, S.Y.; Biometric Authentication: A Machine Learning Approach, Prentice Hall (2005)
• mikeh; Machine Learning and Biometrics, Neya Systems blog, http://neyasystems.com/machine-learning-biometrics/ (March 23, 2013)
• MyData Identity Network based on User Managed Access (UMA), https://docs.google.com/presentation/d/1j3aX8AQGdVtigF1WZouL8WccmYQzZQQje3wuaC2Zb1I/edit#slide=id.g1386e8a6aa_2_914
• Nelson, Clare; Multi-Factor Authentication: What to Look For, Information Systems Security Association (ISSA) Journal, http://www.bluetoad.com/publication/?i=252353 (April 2015)
References, 2 of 3
69. Clare Nelson, @Safe_SaaS
• Pagliery, Jose; OPM hack’s unprecedented haul: 1.1 million fingerprints, http://money.cnn.com/2015/07/10/technology/opm-hack-fingerprints/index.html (July 2015)
• Perrot, Didier; There’s No Ideal Authentication Solution, http://www.inwebo.com/blog/theres-no-ideal-authentication-solution/ (August 2015)
• Stanislav, Mark; Two-Factor Authentication, IT Governance Publishing (2015)
• Steves, Michelle, et al.; NISTIR Report: Authentication Diary Study, http://nvlpubs.nist.gov/nistpubs/ir/2014/NIST.IR.7983.pdf (February 2014)
• White, Conor; CTO, Daon; Biometrics and Cybersecurity, http://www.slideshare.net/karthihaa/biometrics-and-cyber-security (2009, published 2013)
• Wouk, Kristofer; Flaw in Samsung Galaxy S5 Could Give Hackers Access to Your Fingerprints, http://www.digitaltrends.com/mobile/galaxy-s5-fingerprint-scanner-flaw/ (April 2015)
References, 3 of 3
71. Clare Nelson, @Safe_SaaS
Source: http://biometrics.cse.msu.edu/Publications/Multibiometrics/SudhishJainCao_AdaptiveFusionIdentityDeduplication_PRL2016.pdf
Source: http://www.iphonehacks.com/2017/01/synaptics-launches-multi-factor-facial-fingerprint-recognition-engine-smartphones-tablets.html
Fusion Strategies: Example of Face and Finger
Better accuracy
• Bimodal biometric system using face and fingerprint
• Salient features of the face and fingerprint were extracted and fused/combined
72. Clare Nelson, @Safe_SaaS
Add Behavioral Biometrics, Device Sensor Data to Template
Source: https://findbiometrics.com/aimbrain-uk-patent-biometric-context-system-410184/
Source: http://www.freepatentsonline.com/20170177999.pdf
Leverage sensors on device to add data points to the biometric template
Raw sensory data may be collected continuously
• Collect raw sensory data when user is consciously using device
• Collect raw sensory data when user is not aware
• If device is in user’s pocket, collect raw sensory data about how a user walks, sits, stands
• Supports continuous invisible identity verification (PIN or fingerprint verification is only for a moment in time)
• Location
• User activity (user’s movement speed, whether user is listening to music)
• Device connections
• Device orientation (if mobile device, landscape, portrait)
• If touchscreen, the touch time, touch timing, touch pressure, touch area, touch location coordinates
• Accelerometer data
• Gyroscope data
• GPS coordinates
• Hover coordinates
Conditional behavioral biometrics
Assesses the contextual conditions around a given biometric factor
• Background noise in a voice recording
• Lighting around a face
Incorporates contextual features into an overall biometric template
• Sub-process of its overall biometric authentication system
• Face
• Voice
• Behavioral biometrics
United States Application US20170177999, June 2017
73. Clare Nelson, @Safe_SaaS
Add Behavioral Biometrics, Device Sensor Data to Template
Source: https://findbiometrics.com/aimbrain-uk-patent-biometric-context-system-410184/
Source: http://www.freepatentsonline.com/20170177999.pdf
Source: https://aimbrain.com/press-releases/2017/10/17/aimbrain-adds-conditional-biometrics-patent-authenticate-user-across-multiple-contexts/
Graphic: http://publications.idiap.ch/downloads/papers/2017/Akhtar_IEEEMM_2017.pdf
Derived sensory data features include
- Duration of a touchscreen interaction
- Physical touchscreen interaction distance
- Time between touchscreen interactions
- Maximum, minimum and/or average deviation from a straight line during touchscreen interaction
- Acceleration or deceleration of a touchscreen interaction
- Curvature of a touchscreen interaction
- Length of a touchscreen interaction
- Background tremor while using the device
- Tremor during interaction with the device (from accelerometer and gyroscope data)
- Device (user) speed based on GPS and other device location services
- Orientation of the device (from magnetometer data)
Gives confidence score along with the pass/fail authentication result
• Enrollment is performed on each device separately
• User model is updated continuously
• Model can be regenerated completely
Creates a detailed mathematical construct of each user
• How they look, sound or behave across a broad range of settings
• Highly specific data is clustered and linked, to build a unique, digital identity
• Authenticate person quickly and seamlessly whenever they interact with their bank, in virtually any environment
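The touchscreen features listed above are the derived data a behavioral model is built from; the Python below is an added example (not the patent's or the vendor's code) that computes them from raw (x, y, t_ms) touch samples of a constructed swipe. The feature names follow the slide; the exact formulas (chord distance for "physical distance", path length over chord as a curvature ratio, midpoint-time acceleration) are this example's own assumptions.

```python
"""Derive per-interaction touchscreen features from raw (x, y, t_ms) samples.

Added example, not from the deck or the patent it cites. Swipes below are constructed.
"""
import math


def _dist(p, q):
    return math.hypot(q[0] - p[0], q[1] - p[1])


def _deviation_from_chord(start, end, point):
    """Perpendicular distance from `point` to the straight line through start and end."""
    chord = _dist(start, end)
    if chord == 0.0:                      # a tap: deviation is the distance from the touch point
        return _dist(start, point)
    cross = ((end[0] - start[0]) * (point[1] - start[1])
             - (end[1] - start[1]) * (point[0] - start[0]))
    return abs(cross) / chord


def interaction_features(samples):
    """Derive the slide's per-interaction features from ordered (x, y, t_ms) samples."""
    if len(samples) < 2:
        raise ValueError("an interaction needs at least two samples")
    start, end = samples[0], samples[-1]
    duration = end[2] - start[2]
    segments = list(zip(samples, samples[1:]))
    seg_len = [_dist(p, q) for p, q in segments]
    seg_dt = [q[2] - p[2] for p, q in segments]
    if any(dt <= 0 for dt in seg_dt):
        raise ValueError("samples must have strictly increasing timestamps")
    speeds = [d / dt for d, dt in zip(seg_len, seg_dt)]          # px per ms per segment
    # Acceleration between consecutive segments, using the midpoint time gap (assumption).
    accels = [(v2 - v1) / ((dt1 + dt2) / 2.0)
              for (v1, v2), (dt1, dt2) in zip(zip(speeds, speeds[1:]), zip(seg_dt, seg_dt[1:]))]
    deviations = [_deviation_from_chord(start, end, p) for p in samples[1:-1]]
    length = sum(seg_len)                 # path length actually travelled
    distance = _dist(start, end)          # physical interaction distance (chord)
    return {
        "duration_ms": duration,
        "distance": distance,
        "length": length,
        "max_deviation": max(deviations, default=0.0),
        "min_deviation": min(deviations, default=0.0),
        "avg_deviation": sum(deviations) / len(deviations) if deviations else 0.0,
        "mean_speed": length / duration,
        "max_acceleration": max(accels, default=0.0),
        "max_deceleration": min(accels, default=0.0),
        "curvature": length / distance if distance else float("inf"),   # 1.0 == straight
    }


def time_between_interactions(interactions):
    """Gaps (ms) from the end of one interaction to the start of the next."""
    return [nxt[0][2] - prev[-1][2] for prev, nxt in zip(interactions, interactions[1:])]


# Constructed swipes (not recorded from a device): (x, y, t_ms).
STRAIGHT_SWIPE = [(0, 0, 0), (10, 0, 100), (20, 0, 200), (30, 0, 300)]
CURVED_SWIPE = [(0, 0, 500), (10, 10, 600), (20, 0, 700)]
SPEEDING_SWIPE = [(0, 0, 900), (5, 0, 1000), (20, 0, 1100)]

if __name__ == "__main__":
    for name, swipe in [("straight", STRAIGHT_SWIPE), ("curved", CURVED_SWIPE),
                        ("speeding", SPEEDING_SWIPE)]:
        print(name, interaction_features(swipe))
    print("gaps", time_between_interactions([STRAIGHT_SWIPE, CURVED_SWIPE, SPEEDING_SWIPE]))
```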
74. Clare Nelson, @Safe_SaaS
Lack of Common Vocabulary
Source: https://precisebiometrics.com/wp-content/uploads/2014/11/White-Paper-Understanding-Biometric-Performance-Evaluation.pdf
Graphic: https://www.britannica.com/topic/Tower-of-Babel
Source, Domain        | Associated Terms
Biometrics Text Books | FAR (Type II)   | FRR (Type I)
NIST                  | FMR             | FNMR
ISO/IEC               | More, detailed  | More, detailed
Risk                  | False Positive  | False Negative, False Reject, Insult Rate
Equal Error Rate (EER), also known as Crossover Error Rate (CER)
Vocabulary Updates: 2017 ISO/IEC 2382-37
75. Clare Nelson, @Safe_SaaS
Issues with Biometrics
Facial recognition is prone to problems with lighting conditions
• Vendor evaluation
• Face recognition did not work in outdoor Austin sunshine, or in an office, standing near window
• Vendor response: “Go inside”
Voice recognition is prone to environmental background noise
• Unnamed financial services market leader
• User experience
• In car, with some background noise
• Call, and use voice: “At Unnamed, my voice is my password”
• Failed after multiple attempts, due to background noise
• Works at home, in quiet office
Graphic: http://www.securitysales.com/tag/biometrics/
Fingerprint recognition is prone to moisture, dirty reader
• At unnamed employer
• Use fingerprint reader
• Touch with a registered finger
• Fails if finger is slightly damp, or reader is dirty
• Guard recommended: ridge builder (liquid with no ingredients listed, nor provided by manufacturer)
76. Clare Nelson, @Safe_SaaS
Anti-Spoofing, Presentation Attack Detection (PAD)
Source: https://www.iso.org/standard/53227.html
As is the case for biometric recognition, PAD techniques are subject to errors, both false positive and false negative:
• False positive indications wrongly categorize routine presentations as attacks, thus impairing the efficiency of the system
• False negative indications wrongly categorize presentation attacks as routine, not preventing a security breach
Therefore, the decision to use a specific implementation of PAD will depend upon the requirements of the application and consideration of the trade-offs with respect to security and efficiency.
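The vocabulary table of slide 74 and the PAD trade-off stated here both come down to choosing a decision threshold. As an added example (not from the deck or the ISO text), the Python below computes FMR/FNMR (the NIST names for FAR/FRR), the equal error rate, a threshold that meets a maximum-FMR target as a high-security application would demand, and the PAD false-positive and false-negative rates at several thresholds. All score lists are constructed, not measured.

```python
"""Error-rate vocabulary and the PAD security/efficiency trade-off on constructed scores.

Added example, not the deck's own material. Higher score = more similar (comparator)
or more likely live (PAD). A sample is accepted / judged live when score >= threshold.
"""

# Constructed comparison scores from a biometric comparator (not measured data).
GENUINE_SCORES = [0.92, 0.88, 0.85, 0.81, 0.79, 0.74, 0.70, 0.66, 0.61, 0.55]
IMPOSTOR_SCORES = [0.62, 0.58, 0.52, 0.47, 0.43, 0.40, 0.36, 0.31, 0.25, 0.18]

# Constructed liveness scores from a PAD stage (not measured data).
BONA_FIDE_LIVENESS = [0.95, 0.90, 0.87, 0.80, 0.76, 0.70, 0.64, 0.50]
ATTACK_LIVENESS = [0.68, 0.60, 0.45, 0.40, 0.33, 0.20, 0.12, 0.05]


def match_error_rates(genuine, impostor, threshold):
    """Return (FMR, FNMR) at a decision threshold.

    FMR (NIST) = FAR (textbooks) = Type II error: impostor scores that are accepted.
    FNMR (NIST) = FRR (textbooks) = Type I error: genuine scores that are rejected.
    """
    fmr = sum(s >= threshold for s in impostor) / len(impostor)
    fnmr = sum(s < threshold for s in genuine) / len(genuine)
    return fmr, fnmr


def _candidate_thresholds(*score_lists):
    return sorted(set().union(*score_lists))


def equal_error_rate(genuine, impostor):
    """Return (threshold, EER): the operating point where FMR and FNMR are closest.

    The EER is also called the Crossover Error Rate (CER).
    """
    best = None
    for t in _candidate_thresholds(genuine, impostor):
        fmr, fnmr = match_error_rates(genuine, impostor, t)
        gap = abs(fmr - fnmr)
        if best is None or gap < best[0]:
            best = (gap, t, (fmr + fnmr) / 2)
    _, threshold, eer = best
    return threshold, eer


def threshold_for_max_fmr(genuine, impostor, max_fmr):
    """Lowest candidate threshold whose FMR does not exceed max_fmr.

    Returns (threshold, fmr, fnmr). A high-security application fixes max_fmr first
    and accepts the resulting FNMR; a low-risk application would do the opposite.
    """
    for t in _candidate_thresholds(genuine, impostor):
        fmr, fnmr = match_error_rates(genuine, impostor, t)
        if fmr <= max_fmr:
            return t, fmr, fnmr
    raise ValueError("no threshold meets the FMR target")


def pad_error_rates(bona_fide, attacks, threshold):
    """Return (false_positive_rate, false_negative_rate) of the PAD stage.

    False positive: a routine (bona fide) presentation is flagged as an attack (efficiency cost).
    False negative: a presentation attack is classified as routine (security cost).
    """
    fp = sum(s < threshold for s in bona_fide) / len(bona_fide)
    fn = sum(s >= threshold for s in attacks) / len(attacks)
    return fp, fn


def pad_tradeoff(bona_fide, attacks, thresholds):
    """Tabulate how raising the PAD threshold trades efficiency (FP) for security (FN)."""
    return {t: pad_error_rates(bona_fide, attacks, t) for t in thresholds}


if __name__ == "__main__":
    print("EER (threshold, rate):", equal_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES))
    print("High security, FMR <= 0:", threshold_for_max_fmr(GENUINE_SCORES, IMPOSTOR_SCORES, 0.0))
    for t, (fp, fn) in pad_tradeoff(BONA_FIDE_LIVENESS, ATTACK_LIVENESS, [0.55, 0.65, 0.70]).items():
        print(f"PAD threshold {t:.2f}: false positive {fp:.3f}, false negative {fn:.3f}")
```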
78. Issues with Biometrics, No Panacea
Source: http://www.pymnts.com/news/security-and-risk/2017/digital-identity-way-beyond-the-social-security-number/ (August 2017)
Graphic: http://01greekmythology.blogspot.com/2015/02/panacea.html
Graphic caption: Panacea, Greek goddess of universal remedy
Biometrics offers no panacea in the quest for digital identities that prove foolproof and hack-proof
– Paul Grassi, senior standards and technology advisor of the Trusted Identities Group at the National Institute of Standards and Technology (NIST)
Biometrics offer great promise, but
• They are not all created equal
• They are not a secret
• They can be lifted
• They can be forged
• They can be compromised because they are not private
79. Clare Nelson, @Safe_SaaS
Issues with Biometrics: Security is Often Overestimated
Use biometrics with another method of authentication
Biometrics are a complementary security control to make it easier for a human to interact with technology
• Combine with an additional security control such as a passphrase or multi-factor authentication
Trust must be continuously challenged
• Ensure person behind the device is really the person who they say they are
Source: https://www.thestreet.com/story/14301038/1/iphonex-facial-biometrics-could-prevent-hackers-from-accessing-information.html
– Joseph Carson, chief security scientist at Thycotic
Will iPhone X support face and passcode, or just one or the other?
81. Clare Nelson, @Safe_SaaS
Examples of Artificial and Human Presentation Attack Instruments
Source: https://www.iso.org/standard/53227.html .
82. Clare Nelson, @Safe_SaaS
When Is the Image Discarded?
iOS, Finger, Home Button
- Capacitive steel ring
- Detects capacitance similar to human finger
- Triggers conductive imaging array to scan the object (finger) currently covering the fingerprint scanner
- The resulting raster scan image is temporarily stored in encrypted memory within the Secure Enclave
- Image is vectorized for analysis, following which it is discarded
- Only a model of the fingerprint as a collection of nodes is stored permanently in the encrypted memory of the Secure Enclave
- Apple claims that constructing a user’s fingerprint from this model is not feasible
- Touch ID allows for five unsuccessful attempts at fingerprint verification before Touch ID is disabled and will no longer unlock the device
Source: https://courses.csail.mit.edu/6.857/2016/files/12.pdf
84. Clare Nelson, @Safe_SaaS
Spoofing
Source: https://www.linkedin.com/pulse/biometric-spoofing-nadh-thota
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
Types of Fake Fingerprints
Fake eye images, contact lenses, etc. enable hackers to fake an iris sample
Real Fake
85. Clare Nelson, @Safe_SaaS
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
Source: https://www.computer.org/csdl/trans/tp/2006/01/i0031.html
Face Spoofing
Matching 2.5D Face Scans to 3D Models
86. Clare Nelson, @Safe_SaaS
Types of Detection
Source: https://www.nist.gov/sites/default/files/documents/2016/11/30/401_newton.pdf
Vendor ID, Algorithm ID, and Sensor ID
87. Clare Nelson, @Safe_SaaS
Example of a PAD Patent
Source: https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2016023582&recNum=73&docAn=EP2014067290&queryString=&maxRec=2797947
A METHOD OF DETECTING A FALSIFIED
PRESENTATION TO A VASCULAR RECOGNITION
SYSTEM
Hand palm vascular system
Pub. No.: WO/2016/023582
International Application No.: PCT/EP2014/067290
Publication Date: 18.02.2016
International Filing Date: 13.08.2014
88. Clare Nelson, @Safe_SaaS
Contactless Biometric Recognition
Source: http://healthcare.fai.fujitsu.com/resource/essentials-to-achieve-optimal-clinical-workflow.pdf
Source: http://www.amfastech.com/2013/03/a-seminar-on-palm-vein-technology.html
Solution
• Palm vein
• Capture palm vein pattern with near-infrared rays
• Works with clinician, surgeon gloves
• Fujitsu data sheet
• FAR (false accept rate) = 0.00001%
• FRR (false reject rate) = 1.0%
89. Clare Nelson, @Safe_SaaS
Artefact
Source: ISO 30107 download page: http://standards.iso.org/ittf/PubliclyAvailableStandards/c053227_ISO_IEC_30107-1_2016.zip
Artefact - artificial object or
representation presenting a copy of
biometric characteristics or synthetic
biometric patterns
91. Clare Nelson, @Safe_SaaS
iPhone X
Source: https://techcrunch.com/2017/09/15/interview-apples-craig-federighi-answers-some-burning-questions-about-face-id/ (September 2017)
92. Clare Nelson, @Safe_SaaS
iPhone X, Face ID
Source: https://venturebeat.com/2017/09/12/iphone-x-ditches-touch-id-for-face-id/
Source: http://bgr.com/2017/09/12/iphone-x-price-specs-features/
93. Clare Nelson, @Safe_SaaS
FaceID Training
Apple trained on 1 billion plus faces, global, got permission
• Maintains this database
“We do not gather customer data when you enroll in Face ID, it stays on your device, we
do not send it to the cloud for training data”
There is an adaptive feature of Face ID that allows it to continue to recognize your
changing face as you change hair styles, grow a beard or have plastic surgery.
• This adaptation is done completely on device by applying re-training and deep
learning in the redesigned Secure Enclave.
• None of that training or re-training is done in Apple’s cloud.
• Apple has stated that it will not give access to that data to anyone, for any price.
When you train the data it gets immediately stored in the Secure Enclave as a
mathematical model that cannot be reverse-engineered back into a “model of a face.”
• Any re-training also happens there.
• It’s on your device, in your secure enclave, period.
Face ID
Source: https://techcrunch.com/2017/09/15/interview-apples-craig-federighi-answers-some-burning-questions-about-face-id/ (September 2017)
Secure Enclave, Updated
with Secure Enclave
Processor
Truly no reverse
engineering?
- Anonymization?
94. Clare Nelson, @Safe_SaaS
Face ID: Enroll, Can You Read Instructions without Glasses?
Source: http://www.idownloadblog.com/2017/09/15/face-id-overview/ (September 2017)
• Settings
• Face ID & Passcode
• Enroll Face
• Get Started
• Follow Onscreen Instructions (Read without
Glasses?)
• Gently move your head while looking at
the screen to complete the circle
95. Clare Nelson, @Safe_SaaS
Face ID: Demo Failed Twice
Source: https://www.youtube.com/watch?v=unIkqhB2nA0 (September 2017)
Source: http://www.nydailynews.com/news/national/apple-reveals-iphone-x-new-face-id-tech-fails-demo-article-1.3491125 (September 2017)
We all experience demo failures
• Craig Federighi, SVP Software
Engineering
• Face ID failed twice
• Why did Federighi wipe his face
afterward?
• Stock dipped from $163 a share to
$159
• Closed at $161
96. Clare Nelson, @Safe_SaaS
Face ID: Attention Detection
Source: https://techcrunch.com/2017/09/15/interview-apples-craig-federighi-answers-some-burning-questions-about-face-id/ (September 2017)
Face ID requires that it be able to see:
• Eyes
• Nose
• Mouth
The “Attention” feature won’t work for everyone
• Blind
• Vision impaired
• Cannot stare directly at phone to communicate intent
In those cases, where a face is recognized, but it can’t see eyes,
just turn off the “attention detection” feature
• Still get Face ID, but at a lower level of overall security
because cannot ensure user’s eyes are directly focused on it
There are scenarios
where it just won’t work
98. Clare Nelson, @Safe_SaaS
Don’t Use Biometrics as Single or Primary Factor
Source: https://www.nist.gov/sites/default/files/nstic-strength-authentication-discussion-draft.pdf
Graphic: http://www.itproportal.com/2016/04/07/the-role-of-biometric-authentication-techniques-in-security/
Remote System Access
Exclude biometrics as single or primary authentication factor
• Biometric samples are not secrets
• Biometric samples are different each time they are captured
99. Clare Nelson, @Safe_SaaS
Source: https://www.theguardian.com/technology/2015/apr/23/samsung-investigating-fingerprint-hack-galaxy-s5 (2015)
Source: https://www.blackhat.com/docs/us-15/materials/us-15-Zhang-Fingerprints-On-Mobile-Devices-Abusing-And-Leaking-wp.pdf
Galaxy S5 Fingerprint Interception (Black Hat USA 2015)
Read the data coming directly from the fingerprint sensor before it reaches the secure zone
Wei and Zhang
Most vendors fail to lock down the sensor (from being accessed by the normal world programs) when the processor switched back from the secure world
Without the proper lockdown, the attacker can directly read the fingerprint sensor
Attackers can do this stealthily in the background
• Attackers can keep reading the fingerprints on every touch of the victim’s fingers
Attackers with remote code execution exploits can remotely harvest everyone’s fingerprints in a large scale, without being noticed
101. Clare Nelson, @Safe_SaaS
Source: http://my.clarkson.edu/biosal/pdf/Presentations%20and%20Attacks.pdf
Are All Biometric Templates Alike?
Is it easy to foil the template process?
• Each biometric system has specialized features and a specific format of a template
• Foiling it requires significant knowledge of the system under attack which for most consumer applications is a trade secret, plus associated malware to interfere in the biometric compare software itself
• If malware is injected, it is more likely that other means of corrupting the software would be easier to employ, e.g., overriding the compare decision
102. Clare Nelson, @Safe_SaaS
Source: https://pages.nist.gov/SOFA/
Source: http://www.theverge.com/2016/7/21/12247370/police-fingerprint-3D-printing-unlock-phone-murder (2016)
NIST: Level of Effort
Presentation attacks based on:
• Time
• Expertise
• Equipment
Police 3D-printed a murder victim's finger to unlock his phone.
105. Clare Nelson, @Safe_SaaS
Presentation Attack Detection (PAD), Emerging Standards
Source: https://www.iso.org/standard/53227.html
ISO/IEC DIS 30107-2
Information technology -- Biometric presentation attack detection
-- Part 2: Data formats
ISO/IEC FDIS 30107-3
Information technology -- Biometric presentation attack detection
-- Part 3: Testing and reporting
NEW: ISO/IEC 30107-4
106. Clare Nelson, @Safe_SaaS
Presentation Attack Detection (PAD) for Mobile Devices
Source: https://www.iso.org/standard/53227.html
Source: https://cacm.acm.org/magazines/2016/4/200169-multimodal-biometrics-for-enhanced-mobile-device-security/abstract
Source: http://www.planetbiometrics.com/article-details/i/5803/ (April 2017)
Source: http://profit.ndtv.com/news/life-and-careers/article-new-smartphone-from-infocus-to-support-aadhaar-authentication-1634102
ISO/IEC 30107-4
Biometric presentation attack detection – Profile for evaluation of mobile devices
Address spoofing and presentation attacks against mobile devices
Presentation Attack Detection (PAD) includes:
• Fake fingerprints
• Video replays
• Voice recordings
Concern for commercial and government agencies:
• Rely on mobile device authentication for transactions and identity confirmation
107. Clare Nelson, @Safe_SaaS
Types of Presentation Attack Instruments (ISO 30107)
Source: https://www.iso.org/standard/53227.html .
Examples
• Coerced, human presentation attack instrument (unconscious, forced under duress)
• Partial, artificial presentation attack instrument (glue on finger)
111. Clare Nelson, @Safe_SaaS
How can you tell if it’s a bad guy?
Source: https://arstechnica.com/gadgets/2017/03/video-shows-galaxy-s8-face-recognition-can-be-defeated-with-a-picture/
Source: https://realizethelies.com/tag/facial-recognition-software/
Source: https://www.iso.org/standard/55194.html (2017)
Biometric Recognition Scope
                    Biometric Verification              Biometric Identification
Comparison          1-to-1                              1-to-Many
Purpose             Confirm or deny claimed identity    Identify a specific individual
Use Case Example    Unlock mobile device                Airport security, identify a suspect
“Biometric Authentication” is deprecated
112. Clare Nelson, @Safe_SaaS
Spoofing
Cause biometric system to recognize an illegitimate user as a genuine one
• Present a synthetic or forged version of the biometric trait to the sensor
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
Source: http://berlin.ccc.de/~starbug/talks/0611-pacsec-hacking_fingerprint_recognition_systems.pdf
Source: https://www.slideshare.net/SBAResearch/31c3-in20min
Source: http://my.clarkson.edu/biosal/pdf/Presentations%20and%20Attacks.pdf
113. Clare Nelson, @Safe_SaaS
Anti-Spoofing
Source: https://pralab.diee.unica.it/sites/default/files/fumera14-spoof-chapter.pdf
Source: http://www.springer.com/us/book/9781447165231
Countermeasure
Detect if the biometric signal acquired by some sensors belongs to a “live” person or is an artificial replica
• Fake finger
• 2D photo of a face
• 3D mask of a face
Detect imposter with special makeup or ability to mimic traits of the legitimate user
• Voice (HSBC spoof)
114. Clare Nelson, @Safe_SaaS
Presentation Attack Instrument
Source: ISO 30107 download page: http://standards.iso.org/ittf/PubliclyAvailableStandards/c053227_ISO_IEC_30107-1_2016.zip
Source: http://www.firstpost.com/tech/news-analysis/hacker-bypasses-the-iris-scanner-in-the-samsung-galaxy-s8-with-a-contact-lens-and-printed-photo-3703315.html (movie of S8 iris spoof)
Biometric characteristic or object used in a presentation attack
• Artefacts
• Lifeless biometric characteristics (i.e. stemming from dead bodies)
• Altered biometric characteristics (e.g. altered fingerprints) that are used in an attack
Contact lens on infrared picture used by Starbug to spoof Samsung Galaxy S8 iris recognition
115. Clare Nelson, @Safe_SaaS
Source: http://www.cse.msu.edu/~rossarun/BiometricsTextBook/Papers/Security/JainNandakumarNagar_TemplateSecuritySurvey_EURASIP08.pdf
Primary Use Cases: Enrollment and Verification
T = biometric image from enrollment
Q = biometric sample during recognition
XT = T feature sets
XQ = Q feature sets
S = compare score
Enrollment may not just happen once, biometric traits age or change over time
- Redo face every 4 years?
- Redo if major weight loss, or cosmetic surgery, or significant change
- How young to start?
Authentication
- Implement retry limits
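The enrollment and recognition pipeline in the slide's notation (T, Q, XT, XQ, S), as an added example that is not from the original deck. Feature extraction is stood in for by L2-normalising a constructed measurement vector (an assumption; real systems derive minutiae, landmarks and so on), the thresholds and the 0.25 adaptation weight are assumed, and the retry limit the slide asks for lives inside the verifier together with a guarded template update for traits that drift over time.

```python
"""Enrollment and verification in the slide's notation:
T -> XT (enrollment sample -> template), Q -> XQ (query -> features),
S = compare(XT, XQ). The verifier owns the retry counter, and it only
adapts XT on very confident matches so that a marginal accept cannot
drag the template toward an impostor over time.
"""
import math

MATCH_THRESHOLD = 0.90    # assumed operating point: accept if S >= this
UPDATE_THRESHOLD = 0.97   # assumed: only very confident matches may adapt XT
MAX_ATTEMPTS = 5          # retry limit; figure the slides quote for Touch ID

# Constructed raw "measurements" (assumed, not real biometric data).
T_ENROLL = [3.0, 4.0, 0.0]       # enrollment sample T
Q_SAME_USER = [3.0, 4.0, 0.5]    # same user, slight pose change
Q_AGED_USER = [3.0, 4.0, 1.5]    # same user some years later
Q_IMPOSTOR = [4.0, 0.0, 3.0]     # a different person


def extract_features(sample):
    """Stand-in for feature extraction: L2-normalise the raw measurements."""
    norm = math.sqrt(sum(v * v for v in sample))
    return [v / norm for v in sample]


def compare(xt, xq):
    """S: cosine similarity of two unit-length feature sets, in [-1, 1]."""
    return sum(a * b for a, b in zip(xt, xq))


class Verifier:
    def __init__(self, t_sample, max_attempts=MAX_ATTEMPTS):
        self.xt = extract_features(t_sample)   # enrollment: T -> XT
        self.max_attempts = max_attempts
        self.failed = 0
        self.locked = False

    def verify(self, q_sample):
        """Recognition: Q -> XQ, S = compare(XT, XQ).
        Returns ('accepted' | 'rejected' | 'locked', S). The attempt counter
        is enforced here, so no calling app can opt out of it."""
        if self.locked:
            return "locked", None
        xq = extract_features(q_sample)
        s = compare(self.xt, xq)
        if s < MATCH_THRESHOLD:
            self.failed += 1
            if self.failed >= self.max_attempts:
                self.locked = True          # passcode is now the only way in
                return "locked", s
            return "rejected", s
        self.failed = 0
        if s >= UPDATE_THRESHOLD:
            self._adapt(xq)                 # ageing, hairstyle, small changes
        return "accepted", s

    def _adapt(self, xq):
        """Move XT a little toward the new sample and renormalise
        (0.25 is an assumed step size)."""
        blended = [a + 0.25 * b for a, b in zip(self.xt, xq)]
        self.xt = extract_features(blended)


if __name__ == "__main__":
    v = Verifier(T_ENROLL)
    for label, q in [("same user, slight pose change", Q_SAME_USER),
                     ("same user, years later", Q_AGED_USER),
                     ("different person", Q_IMPOSTOR)]:
        status, s = v.verify(q)
        print(f"{label:32s} S={s:.3f} -> {status}")
    w = Verifier(T_ENROLL)
    for attempt in range(1, MAX_ATTEMPTS + 2):
        status, _ = w.verify(Q_IMPOSTOR)
        print(f"impostor attempt {attempt}: {status}")
```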
116. Clare Nelson, @Safe_SaaS
Source: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6990726
Presentation Attack Detection (PAD), Techniques
Liveness detection: Facial thermogram, blood pressure, fingerprint sweat, or specific reflection properties of the eye, pulse, perspiration, pupillary unrest (hippus), brain wave signals (EEG), or electric heart signals.
Protect the system against the injection of reconstructed or synthetic samples into the communication channel between the sensor and the feature extractor.
Fusion strategies to increase resistance. Multimodal, use more than one biometric, or combine unimodal with an anti-spoofing technique. The score reflects more than one input, unknown to the attacker.
118. Clare Nelson, @Safe_SaaS
Store Biometrics on Device or Server, Cloud? Split?
Source: Webinar by Forrester and Nok Nok Labs, February 1, 2017
Graphic: http://findbiometrics.com/topics/fido-alliance/
Graphic: https://www.carphonewarehouse.com/apple/iphone-6.html
Graphic: http://kryptostech.com/server-management/
Graphic: http://www.planetbiometrics.com/article-details/i/5463/desc/facebook-rolling-out-support-for-fido/
Source: https://www.finextra.com/blogposting/14480/are-we-safe-to-bank-on-biometrics (September 2017)
Biometrics only stored on personal device (FIDO Alliance, others)
• Biometrics remain on the device, are not transmitted
• Not susceptible to theft by insiders or identity thieves who can access a server repository
Biometrics stored on server
• Works if no mobile phone, works with land line
• Works if person calls in
• Privacy concerns
• Need consent, was it freely given?
• Server access, how secure?
• Susceptible to theft, unwanted modification by insiders or identity thieves
121. Clare Nelson, @Safe_SaaS
Why Add Biometrics SDK?
Some authentication vendors only support what is integrated, manufactured in the phone
Touch ID [Face ID] can be used for verification by third party apps
Similarly, works with Android, some variations.
Third party applications
• Can bypass Touch ID fallback to password or device passcode
• User may have an unlimited number of Touch ID verification attempts with this option
• Defeat retry limits
Source: https://courses.csail.mit.edu/6.857/2016/files/12.pdf
Source: https://www.arxan.com/wp-content/uploads/2016/09/ARXAN_Mobile-DATA.3-.pdf
122. Clare Nelson, @Safe_SaaS
Biometrics on Blockchain, Accenture's Biometric Identity Management System
Source: https://medium.com/@decentralized.identity/the-rising-tide-of-decentralized-identity-2e163e4ec663
Devices are associated with Identity Hubs via identity-signed registration of device-specific public attestation keys
Hub-Associated Devices synchronize state and update locally cached data via subscription to, and processing of, the Identity Hub change feed
Master ID Key(s)
123. Clare Nelson, @Safe_SaaS
Clare Nelson, CISSP, CIPP/E
CEO, Founder
ClearMark Consulting
Identity, Privacy, Information Security
• Background
o Encrypted TCP/IP variants for NSA
o Product Management at DEC (HP), EMC2
o Director Global Alliances at Dell, Novell
o VP Business Development, TeaLeaf Technology (IBM), Mi3 Security
• Co-founder C1ph3r_Qu33ns, mentor women in information security
• Publications include:
o ISSA Journal, Security Metrics: An Overview
o ISSA Journal, Multi-Factor Authentication: What to Look For
• Talks/Keynotes: (ISC)2 Security Congress, OWN I.T., Cloud Identity
Summit, InfraGard, HackFormers, BSides Austin, LASCON, OWASP
AppSec USA, ISSA Austin, Fortune 500 financial services, FTC Panel
• B.S. Mathematics
Graphic: http://www.activistpost.com/2015/09/fbi-biometrics-programs-surveillance-database.html
Editor's Notes
This presentation is posted on SlideShare, many backup slides, plus reference slides
Footnotes and sources on almost every slide
Samsung Galaxy S8 debut
Face using camera picture from a second phone
Iris by Starbug
How long will it take Starbug to spoof Face ID?
S: What is feature extraction?
What’s wrong with this picture? Android varies and iOS very clear, the digital image, or biometric sample is deleted, only the template is stored
You need to ask. In many cases, especially the mobile biometrics use case, it is not necessary to store the digital image, only the template.
OPM, breaches announced in 2015, 21.5M, 5.6M fingerprint images from background checks, security clearances
Why care? It’s difficult to create a digital image, and then a spoof artefact from the template. But it is very easy to create a spoof artefact, a piece of wood glue that fits over a finger to deceive a fingerprint reader.
Is it possible to recreate image from math model?
S: Feature extraction
Replay attack: biometric data are captured and replayed at a later time
Cepstrum: taking the inverse Fourier transform (IFT) of the logarithm of the estimated spectrum of a signal
Binarized Statistical Image Features (BSIF) results – computer vision applied to texture and face recognition, binary code for each pixel, used for texture classification, detect spoof, detect blurriness from a photo or other attack, differences in texture
paper by Ramachandra Raghavendra, Christoph Busch
What is IR? Infrared in electromagnetic spectrum
What is electromagnetic spectrum?
Angela Merkel,
German Defense Minister, Ursula von der Leyen
Jain et al. has stood the test of time; add more. Old attacks don’t go away, they incubate, and reappear in more vicious forms.
H, M, L: DNA, finger, signature
= iterative process to relatively quickly reconstruct a workable iris image from an iris template, is a classic “hill-climbing” attack that is a known vulnerability for all biometrics
Enrollment: add proofing
Nalina Ratha
Most of this is not unique, applies to any system. The unique part is the Presentation Attack, using fake biometrics or template modification, etc. Purple, additional attack vectors
This figure depicts a generic biometric system and identifies the points at which an adversary may attack a biometric authenticator. The elements of this system could be self-contained in a mobile device, where the biometric is never released, or the system can be distributed among multiple corroborating entities.
NIST’s proposed approach is to develop a framework that considers potential vulnerabilities and their respective mitigation strategies as the primary method of evaluating biometric authenticators.
Based on these evaluations, each mitigation strategy would be assigned a score, the aggregate of which creates an overall score representing the strength of authentication of the biometric authenticator.
Defining this framework must avoid aggregation of scores in a manner that obfuscates the mitigations applied across the appropriate threat vectors. That is, the framework must account for efforts to achieve a higher score by mitigating a significant number of vulnerabilities in only portions of the overall system, while leaving others vulnerable.
Wei and Zhang, RSA talk. From FireEye at the time.
Since been fixed.
A Black Hat vulnerability announcement is one of the best ways to get a fix moved to high priority in the next backlog grooming session. Jira ticket?
Zhang, RSA talk, 2015
Reese Witherspoon slide did not pass the husband test
2016, Army Research Laboratory and Universities
March 2016
Hindu temple located on the southern bank of the Vaigai River in the temple city of Madurai, Tamil Nadu, India
2016
Small budget, nation state or well-funded attacker organization
Sent email to Mahmood Sharif and Sruti Bhagavatula
Precedence: Cracking Classifiers for Evasion: A Case Study on the Google’s Phishing Pages Filter
Note M4 and M6, Authentication – are you whom you say you are? Authorization – what can you do?
Juniper Research
Acuity
A common liveness detection method involving the user, and making it easy for attackers
Adele mask, available on Amazon
TBD: SC37 and ISO 30107
Lee Thompson said this snap of himself atop the Christ the Redeemer statue in Rio de Janeiro was taken safely
Ongoing research
2016
Will the real Raghavendra please stand up?
Which one is the real one? Which one is the iPad picture? Which one is from a laser printer, or an inkjet printer?
Raghavendra and Busch
Local binary patterns (LBP) is a type of visual descriptor used for classification in computer vision. LBP is a particular case of the Texture Spectrum model proposed in 1990. LBP was first described in 1994. It has since been found to be a powerful feature for texture classification.
The expense and higher power consumption dictate the sensors in smartphones and wearables.
2011 paper, 2009 work, The reconstructed fingerprint image shown here is NIST SD4, F0285
Why make a big deal? Ask vendor what they do for biometric template protection, if they don’t give a good answer, you can point them to some possible options.
Source for this is not young researchers, these are leading experts in the field from Canada, Finland, UK, Italy, France, Switzerland. Note Zahid Akhtar and Sebastien Marcel.
Score is encrypted
High level, simplified
AimBrain, Patent
RAW Sensory Data, DERIVED Sensory Data
Gartner
Avanade is Accenture/Microsoft JV
To that end, Accenture has taken the opportunity to launch a prototype identity system based on the Enterprise Ethereum Alliance’s “permissioned” blockchain protocol. It runs on Microsoft’s Azure cloud computing platform, and is designed to use fingerprint and iris biometrics, among others, for identification in a decentralized manner. Essentially, it’s meant to offer a means of identifying registered individuals by their biometric traits, without unnecessarily revealing other personal information, with trusted parties to the blockchain system assuring credibility.
The system’s focus on biometric identification should help to ensure compatibility with the UN refugee agency’s increasingly biometric approach; and it was announced along with the launch of the ID2020 Alliance, a consortium poised to support the solution’s development.
IBM Hyperledger Project, open source; asked Gary Lac for threat model
Note it states IMAGE and template data
DHS, Department of Homeland Security, INTERPOL, TSA, Department of Defense
RSA USA 2017, Uri Rivner of BioCatch
A devil’s advocate could state that the threat surface just exploded
Gartner
Oracle recently announced BaaS
Financial services are in race to bottom to remove friction
Launched September 2017
ACM is to software what IEEE is to hardware
FBI versus Apple
Hero researchers and pioneers
Prem Sewak Sudhish , Anil K. Jain , and Kai Cao
AimBrain, patent, June 2017
RAW Sensory Data, DERIVED Sensory Data
Wild West with terminology
What is Einstein’s definition of insanity?
Comparing Naked FARs does not count.
Why is this?
Greek goddess of universal remedy
S: which is the most critical issue ?
S: unlock device, then device and encryption
Earlier release, Touch ID with Local Authentication only available for Apple apps, now it is available for 3rd party apps
Syntax: adjective, adjective, noun
iOS
Is anything ever truly discarded in the digital world?
Ridges, whorls, arches
IEEE
Well documented cases. 2D and 3D spoofs.
2.5D, depth information provided
From ISO 30107 working group
Sébastien Marcel
Fujitsu has palm vein readers for healthcare
No touch, no germs
De-oxygenated blood, returning to the heart, is what is picked up.
PalmSecure is Fujitsu
Japan, ATMS
How well does it work in bright sunlight? In a movie theater will it be obtrusive? In a meeting will it be obtrusive?
iPhone X, September 12 announcement, place orders in October, get in November
These two users have been paired to have the same height, weight, and BMI. As you can see, there are clear differences in how the two users sit down, as indicated by the grouping of dots.
September 12, 2017 iPhone X announcement
Might be a weak link?
During the 9/12 announcement, Apple warned about this.
S: Does it apply to doppelgängers too?
New NIST: biometrics may be used to unlock authenticators and prevent repudiation of registration.
Repudiation = denial
Zhang, RSA talk
In this case the Presentation Attack Detection worked, it identified a spoofed face.
Specular reflection, also known as regular reflection, is the mirror-like reflection of waves, such as light, from a surface
Blurriness feature =
Chromatic moment = imperfect color reproduction property of printing and display media.
Color diversity = Genuine versus Spoof? Genuine has richer colors
Clarkson University
Effort is subjective. Look at Level C, 3D printed spoofs. Michigan.
Raghavendra and Busch, 2017 paper in ACM Computing Surveys
Blink, smile, turn head one direction or the other
S: Texture
Part 1 is out
Part 2 in development, table of contents
Part 3 draft out, 41 pages, 2016
DIS – Draft International Standard
FDIS – Final Draft International Standard
Plus FIDO working on biometric certification standard
Syntax: adjective, adjective, noun
Apple, Touch ID
This is taken from a video, the link is provided at the bottom of this slide.
2013, University of Oulu, Finland
3D mask for spoofing
Eyes cut out for blinking
ISO standards, Biometric Authentication, the term is deprecated
2013, debut of Touch ID, iPhone 5s
German Defense Minister, Ursula von der Leyen, took picture from 3m
German Chancellor, Angela Merkel, poster, 2015
How to Mitigate Spoofing
Multi-factor
Multi-biometrics
Limit number of attempts, timeout mechanisms
Supervision with appropriate training
Device loss procedures
Presentation attack detection
Including liveness detection
Challenge-response
2014
Or, could be live person with special makeup or ability to mimic traits of the legitimate user
Enrollment and recognition stages in a biometric system. Here, T represents the biometric sample obtained during enrollment, Q is the query biometric sample obtained during recognition, XT and XQ are the template and query feature sets, respectively and S represents the match score.
IEEE
Three examples of anti-spoofing: 1) sensor, 2) feature extractor, 3) Score.
Vendors have plenty of examples of anti-spoofing techniques. They should incorporate these in product design, test, etc.
May 2016
Big debate
What does iPhone X do? Store on device, in secure enclave
New approach: split the biometric information between the user’s device and the data centre storage, meaning that if one is compromised, the hacker will not have all the information needed to gain verification
Repudiation: denial
If you are such a company that sells biometric SDKs for add ons, I apologize. I recently spent almost a year evaluating over 50 vendors. None of them passed.
Just say no to bolt ons
Why add SDK to SDK for biometrics? Support what is integrated, manufactured into the phone.
Private ethereum, Accenture's Biometric Identity Management System
Devices are associated with Identity Hubs via identity-signed registration of device-specific public attestation keys.
Hub-associated devices synchronize state and update locally cached data via subscription to, and processing of, the Identity Hub change feed.
My profile is on LinkedIn
I live at the intersection of Security, Privacy and Identity
More than a decade of Identity experience
Evaluated 50+ biometrics vendors to add Face and voice to an existing authentication platform, most failed anti-spoofing; none could provide a threat model