During my time at Starlab, I participated in the TABULA RASA project, which addressed some of the issues of direct (spoofing) attacks to trusted biometric systems.
It has recently been shown that conventional biometric techniques, such as fingerprints and face, are vulnerable to direct (spoof) attacks. Direct attacks are usually performed by falsifying the biometric trait and then presenting this falsified information to the biometric system. One such example is to fool a fingerprint system by copying the fingerprint of another person and creating an artificial or gummy finger, which can then be presented to the biometric system to falsely gain access. This issue affects not only companies in the high security field, but also emerging small and medium sized enterprises (SMEs) that wish to sell biometric technologies in emerging fields.
In particular the TABULA RASA project was designed to (1) address the need for a draft set of standards to examine this problem, (2) propose countermeasures such as combining biometric information from multiple sources, and (3) examine novel biometrics that may be inherently robust to direct attacks.
The first issue of a draft set of standards was addressed by analyzing the effectiveness of direct attacks to a range of biometrics, providing an insight as to how vulnerable the different biometric traits are to these attacks. The second issue of countermeasures was explored in two lines: the first line of work seeks to combine multiple biometric traits to build a single system that is robust to direct attacks, while the second line of work is aimed at examining novel methods to perform liveness detection. Finally, novel biometrics which might be inherently robust to direct attacks, such as gait (the manner in which someone walks), vein or electro-physiological signals (such as the heart beat), were explored to determine their advantages and limitations.
Check the project’s website for mire information.