Abstract
This work aims to highlight the fundamental issue surrounding biometric security systems: it’s all very nice until a biometric is forged, but what do we do after that? Granted, biometric systems are by physical nature supposedly much harder to forge than other factors of authentication since biometrics on a human body are by right unique to the particular human person. Yet it is also due to this physical nature that makes it much more catastrophic when a forgery does occur, because it implies that this uniqueness has been forged as well, threatening the human individuality; and since crime has by convention relied on identifying suspects by biometric characteristics, loss of this biometric uniqueness has devastating consequences on the freedom and basic human rights of the victimized individual. This uniqueness forgery implication also raises the motivation on the adversary to forge since a successful forgery leads to much more impersonation situations when biometric systems are used i.e. physical presence at crime scenes, identification and access to security systems and premises, access to financial accounts and hence the ability to use the victim’s finances. Depending on the gains, a desperate highly motivated adversary may even resort to directly obtaining the victim’s biometric parts by force e.g. severing the parts from the victim’s body; this poses a risk and threat not just to the individual’s uniqueness claim but also to personal safety and well being. One may then wonder if it is worth putting one’s assets, property and safety into the hands of biometrics based systems when the consequences of biometric forgery far outweigh the consequences of system compromises when no biometrics are used.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abhyankar, A., Schukers, S.A.C.: Integrating a Wavelet based Perspiration Liveness Check with Fingerprint Recognition. Pattern Recognition 42(3), 452–464 (2009)
Antonelli, A., Cappelli, R., Maio, D., Maltoni, D.: Fake Finger Detection by Skin Distortion Analysis. IEEE Trans. Information Forensics and Security 1(3), 360–373 (2006)
Atchison, D.A., Maxwell, E.L., Kasthurirangnan, S., Pope, J.M., Smith, G., Swann, P.G.: Age-related Changes in Optical and Biometric Charateristics of Emmetropic Eyes. Journal of Vision 8(4), 1–20 (2008)
Baldisserra, D., Franco, A., Maio, D., Maltoni, D.: Fake Fingerprint Detection by Odor Analysis. In: Zhang, D., Jain, A.K. (eds.) ICB 2005. LNCS, vol. 3832, pp. 265–272. Springer, Heidelberg (2006)
BBC, Japanese Smokers to Face Age Test (last revised May 12, 2008), http://news.bbc.co.uk/1/hi/world/asia-pacific/7395910.stm (accessed March 30, 2009)
Bellare, M., Miner, S.K.: A Forward-Secure Digital Signature Scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999)
Bellare, M., Yee, B.S.: Forward-Security in Private-Key Cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 1–18. Springer, Heidelberg (2003)
BusinessWeek, Biometrics: Vein Scanners Show Promise (February 6, 2007), http://www.businessweek.com/globalbiz/content/feb2007/gb20070206_099354.htm (accessed March 30, 2009)
Derakhshani, R., Schukers, S.A.C., Hornak, L.A., O’Gorman, L.: Determination of Vitality from a Non-invasive Biomedical Measurement for Use in Fingerprint Scanners. Pattern Recognition 36(2), 383–396 (2003)
Dodis, Y., Franklin, M.K., Katz, J., Yung, M.: Intrusion-Resilient Public-Key Encryption. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 19–32. Springer, Heidelberg (2003)
Dodis, Y., Katz, J., Xu, S., Yung, M.: Key-Insulated Public-Key Cryptosystems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 65–82. Springer, Heidelberg (2002)
Gallager, A.C.: Determining the Age of a Human Subject in a Digital Image, US Patent Application, March 2, 2006. US Patent & Trademark Office (2006)
Itkis, G., Reyzin, L.: SiBIR: Signer-Base Intrusion-Resilient Signatures. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 499–514. Springer, Heidelberg (2002)
Karlof, C., Tygar, J.D., Wagner, D.: Conditioned-safe Ceremonies and a User Study of an Application to Web Authentication. In: Proc. NDSS 2009 (to appear, 2009)
Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of Artificial Gummy Fingers on Fingerprint Systems. In: Proc. SPIE. Optical Security and Counterfeit Deterrence Techniques IV, vol. 4677 (2002)
New Scientist, Red-eye Age Checker (April 27, 2006), http://www.newscientist.com/blog/invention/2006/04/red-eye-age-checker.html (accessed March 30, 2009)
Phan, R.C.-W., Choo, K.-K.R., Heng, S.-H.: Security of a Leakage-Resilient Protocol for Key Establishment and Mutual Authentication. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 169–177. Springer, Heidelberg (2007)
Pointcheval, D., Zimmer, S.: Multi-Factor Authenticated Key Exchange. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 277–295. Springer, Heidelberg (2008)
RSA, RSA Security and i-Mature Partner on Next-Generation Biometric Technology to Further Protect Children on the Internet (February 7, 2005)
Sankei Sport, Magazine Bought Photos of ... Certain Loopholes in the Vending Machine (June 24, 2008) (in Japanese), http://www.sanspo.com/shakai/news/080624/sha0806240502003-n1.htm (accessed March 30, 2009)
Shin, S., Kobara, K., Imai, H.: Leakage-Resilient Authenticated Key Establishment Protocols. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 155–172. Springer, Heidelberg (2003)
Tan, R., Osman, V., Tan, G.: Ear Size as a Predictor of Chronological Age. Archives of Gerontology and Geriatrics 25(2), 187–191 (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Phan, R.C.W., Whitley, J.N., Parish, D.J. (2009). On the Design of Forgiving Biometric Security Systems. In: Camenisch, J., Kesdogan, D. (eds) iNetSec 2009 – Open Research Problems in Network Security. 2009. IFIP Advances in Information and Communication Technology, vol 309. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05437-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-05437-2_1
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05436-5
Online ISBN: 978-3-642-05437-2
eBook Packages: Computer ScienceComputer Science (R0)