Home > News > Industry News > The Good and Bad of Biometrics.....
Browse Categories
Face Recognition Temperature(7)
New Arrival(26)
Hot Products(12)
Fingerprint Scanner(23)
Handheld Terminal Series(14)
POS Terminal(5)
Time Attendance Series(14)
Access Control Series(6)
Personal Security Protection(4)
Sales Promotion(35)
Door Lock Series(11)
Camera Series(11)
Explosion Models
Contact us
Tel:+86-23-67305242 :
Mobile:+86-13667681778
Email:info@hfcctv.com
Web:http://www.hfteco.com/
Facebook:Huifan Technology
Contact Now

News

The Good and Bad of Biometrics Technology

  • Author:HFSecurity
  • Release on:2021-01-28
01.Introduction

As part of our ongoing goal, HFSecurity has turned a passwordless future into reality, and HFSecurity has adopted biometrics as a convenient authentication mechanism for future use with this protocol. Biometric technology is great! They are indeed very convenient and can ensure safety. However, some implementations are not so, and it is not always clear whether a given implementation is safe. In this article, we hope to clarify the various threats that biometric technology can defend against. We will study which characteristics of biometric technologies make them good or bad in resisting one threat rather than another. Then, we will study different fingerprint, facial recognition and vein scanning technologies in more depth, and the strengths or weaknesses of these technologies.

It is natural to have some doubts about using biometrics instead of passwords. After all, biometric technology is not a secret. Let me repeat it, but louder.

Biometric technology is not a secret.

Humans leave fingerprints everywhere, and in most places, it is not common to hide or cover up faces in public. OPM hackers, Biostar leaks and many other leaks have exposed huge biometric databases. Fortunately, this will not reduce the security of biometrics, because we did not rely on their confidentiality in the first place. But it does need to consider when to use biometric technology to guard against threats and prevent unauthorized access to our data.

First, suppose anyone who wants to get your fingerprint or face photo can get it. When you use biometric technology to unlock your phone or log in to your laptop, you rely on the fact that even if the attacker has a perfect 2D fingerprint or fingerprint image, it is difficult for the attacker to fool the biometric sensor. face.

When we log in to the website using fingerprint or face unlock function, we do not actually send the biometric information to the website like using a password, nor will it be stored by the service provider or website. Instead, biometrics is used to locally unlock a key stored on a device (such as a phone or laptop) and then use that key to log in. Unless we still don't send the key to the website, because mathematics allows us to prove possession of the secret key without sharing it. Only you can use biometric identification and device unlock keys. Well what are you, what do you have. There are two factors in one step. It's so convenient. What if we forget the password and only biometric information is left? Is this safe enough?

Facial Recognition Device

02.Threat Vector

It is easy to think of a situation where biometric identification is weaker than passwords. What if someone can force you to unlock your phone? From an internal point of view, it is safer to use a password because no one can read the mind (so far!). However, if we comprehensively study all possible threats, we will find that biometrics are usually robust with weak passwords.

Compulsive

Advantage: may be a password

In some cases, users may feel forced to unlock the device or log in to their account. In the legal context, judges or transit agents may try to force them to do so. In many jurisdictions, judges cannot force users to disclose passwords, but can order users to provide their biometric information. In a given jurisdiction, whether any one is legal is not so important, because it can still happen. May use biometrics against the user's wishes. In theory, passwords enable users to maintain the ability to lock their devices. However, even so, if the competent authority wants severe enough access rights, it can be bypassed.

From a crime perspective, few people can resist the threat of violence to prevent their devices from being unlocked, although this is still possible. Using passwords (and some predictability), users can also choose to hide real data in hidden volumes instead of on the primary partition. It is also possible to use a specific fingerprint (such as your little finger) to unlock the duress function, but doing so may be suspicious, and the duress may force the user to use their standard biological characteristics.

Although passwords have advantages in this threat environment, for most people, they are unlikely to commit robbery or legal judgments against this situation, because this rarely happens. Even so, regardless of the credential selection, the enforcement may still be effective.

Malicious software

Advantage: tie

A very common way to compromise an account is to compromise the device login. Whether it is a PC or a mobile phone, running untrusted applications, visiting the wrong website, or executing untrusted email attachments can infect the device. New threats are being discovered all the time, and users are often powerless to prevent infection until a patch is developed and released.

If the device you use to log in to the website is infected, it doesn’t matter whether you log in with a password or biometric information. If the malware has the complexity of monitoring the login process, it can easily steal any session tokens or cookies that can be used for subsequent access to the account. Since the user can be kept safe no matter which method is used, when the threat context is malware, we believe that passwords or biometric technology have no advantage. Keeping equipment updated is essential.

Side note: The HFSecurity application can perform health checks to help determine when a new patch is available for your device to help protect against malware.

Malware may be a way for an attacker to obtain a user's password, although there are many other ways. Once the password is stolen, it can allow future sessions and other services to be compromised from a remote location.

Facial Recognition Device

Remote attacker

Advantage: Biometrics

When the threat context is a remote attacker, the biometric + secret key method has many advantages over the use of passwords. First of all, password reuse is a common practice and will increase the impact of user password disclosure. If an attacker places malware on the user’s device and captures its biometrics (fingerprints, facial scans, etc.), since the secret key is stored in a hardware security module (HSM) such as Google, they cannot easily use the malicious software. The software accesses other accounts. . However, if the attacker captures the user's password, they can try to reuse the password among other interested websites (such as major banking websites, social networks, and email providers).


However, suppose the user is doing due diligence and uses a password manager to generate unique, long and random passwords (one in ten people use a password manager). If they need to copy and paste the password into the form field, they may be deceived. Password managers can prevent the automatic filling of credentials into the wrong website, but it is not a perfect method, and reasonable guesses must be made for mobile applications that do not have a verifiable domain name field. This is one of the reasons why multi-factor authentication (MFA) (such as one-time passwords) is so important: it can provide a second layer of defense in case the user's primary credentials are compromised. But most MFA methods can also be counterfeited, and attackers have also begun to build multi-factor automatic counterfeiting tools.

The use of biometric technology in combination with WebAuthn and FIDO2 eliminates the ambiguity around passwords, and uses strong encryption technology to prove to the website that the user has a device that holds the key and uses biometric technology to verify their identity. WebAuthn (used with appropriate HSM) cannot be counterfeited. The WebAuthn identity certificate is constructed in a way that if the user is on a phishing site, it cannot be created at all. This completely eliminates phishing and remote disclosure of the user's primary credentials.

In order to log in as the victim, the attacker must now place the malware on the victim's device or steal the device itself in the meat space, thereby redefining the threat as a highly targeted local attack. Since biometrics are the reason for unlocking the HSM, the problem is reduced to only the problem of unlocking the device. To attack the system, the biometric sensor must be tricked to falsely verify the user's identity. Even if this is easy, remote attackers must now target each user specifically and attack physical processes in the real world. This in itself raises the bar to the point that by adopting a more convenient authentication method, an entire category of remote attacks can be eliminated overnight.

Local attacker (not mandatory)

Advantage: depends on the strength of biometric technology

We can vividly imagine a threat environment where a device is lost or stolen, and we fear that the discoverer/thief might try to unlock it. This is different from a forced situation, as there is no violence or threat of force, but the thief may be able to observe your use of the device before stealing it or obtain biometric data later. Thieves can take photos to record facial information, videos can record passwords typed in, or they can lift fingerprints for later use.

In this case, your unlocking mechanism is secret, not whether the attacker can copy the physical process is not so important. If the attacker can record the password you entered, it is simple to re-enter the password on the stolen device. Depending on the type of biometrics and sensors used, stolen biometrics may be equally easy to enter, or the difficulty may increase by orders of magnitude.

HFSecurity Face Recognition Device

03.Assess biometrics

In the following sections, we will evaluate the advantages and disadvantages of three different biometric technologies: fingerprint scanning, facial recognition, and vein scanning. Before we start, we need a framework to evaluate them. Biometrics ultimately depends on two key attributes: the ability to uniquely identify a single user, and the difficulty of deceiving and disguising the biometrics with the identity of a specific user.

In order for biometrics technology to be able to indicate user identity well, we must measure things that are both unique and distinguishable between users. Regardless of adversarial tampering, for biometrics to be effective, they must have both a low false alarm rate and a low false alarm rate. In biometric terms, we use the terms false acceptance rate (FAR) and false rejection rate (FRR) respectively to describe the percentage of chances that wrong users will be wrongly accepted or correct users will be wrongly rejected.

FIDO Alliance, a leading certification standards organization, has stipulated certification requirements, that is, the number of failed biometric identification (FRR) attempts should not exceed 3 times of 100, and the number of successful invalid biometric identification (FAR) attempts should not exceed 10,000 attempts. In 1. A lower FRR is necessary for usability, but from a security perspective, a lower FAR is more important because we really don’t want our devices and accounts to be unlocked for the wrong person. However, the device usually locks after a certain number of failed attempts, so the FAR actually only needs to be small enough to prevent repeated random attempts from being an effective attack strategy.

There is also a third indicator, called impostor attack representation match rate (IAPMR) in FIDO terminology, and imposter acceptance rate (IAR)/spoof acceptance rate (SAR) in Android terminology. These metrics attempt to define a common test method to determine the rate of success of active biometric attacks. Although these outlined programs may show promise in the future, we have no indication that they are being used. Even each biometric technology within the same sensor category (fingerprints, facial recognition, etc.) is vulnerable to different types of attacks. Measuring the sensitivity of these attacks depends on understanding and developing a test suite for each biometric method and individual attack type, which largely involves classifying existing known attacks.

Finally, manufacturers rarely publish their FAR and FRR rates, and do not publish data that generates these rates. Data in the entire industry is very scarce, and only a few products have obtained the minimum responsibility through the opaque FIDO certification. Therefore, in the following sections, we will delve into different biometric recognition technologies and their advantages and disadvantages. We must rely on deductive reasoning rather than hard data to assume the advantages and disadvantages of each technology. Crucially, we have observed that the best biometric sensors include some form of activity checking, which makes cheating biometrics more difficult.

RA08T Face Recognition Temperature (2)

04. Fingerprint Scanner

Fingerprints have been used as a biometric technology for decades. We think they are unique because the government uses them to identify people. But how unique are they really? As a reference, in manual fingerprint analysis conducted by experts, the FRR is usually 7.5% and the FAR is 0.1%, which is usually based on a small sample of less than 1000 test cases. However, other studies estimate that the FAR rate is much higher. This is at best an order of magnitude worse than FIDO's 0.01% FAR rate. Unfortunately, for electronic fingerprint scanners, there does not seem to be any publicly available data on FAR and FRR rates. But let us assume that the FAR rate is sufficient to prevent accidental unauthorized device unlocking and look at the fingerprint scanner in a confrontational manner.

There are currently three main fingerprint scanning technologies: optical, ultrasonic and capacitive. The optical fingerprint scanner uses the scanner to take a two-dimensional image of the fingerprint and then compares it with the registered fingerprint. As you can imagine, this makes deception as simple as printing an image of a valid fingerprint on a sheet of paper. The optical fingerprint scanner is obsolete.

Capacitive fingerprint scanners are close behind. The grid used by capacitive scanners is very small and its electrical switch density is very high. When conductive human skin touches one of these switches, it will close the circuit of the switch. The grid is dense enough and sensitive enough that the ridges (rather than valleys) of a human fingerprint will close the circuits on all switches in a fingerprint-shaped pattern on the capacitive sensor. In this way, the sensor can obtain a 2D image of the user's fingerprint and compare it with the registered fingerprint. It is important to note that although 2D images will eventually be captured, the mechanical principle of the sensor requires that the fingerprint must be conductive. Although conductive silver ink can be used for 3D printing or even 2D printing of fingerprints on conductive AgIC paper, this is a major obstacle that attackers must overcome.

Ultrasonic fingerprint scanning has recently become popular among major device manufacturers such as Samsung and OnePlus. The difference between ultrasonic scanners and capacitive scanners is that they can scan fingerprints anywhere on the screen of the mobile device. They use sound waves to build a 3D model of a finger pressed against the glass, but it does not seem to measure the conductivity of a fingerprint like a capacitive sensor. The main advantage of this approach seems to be usability.

Compared with capacitive sensors, ultrasonic scanners have greater flexibility in finger placement, and it is reported that the consistency of scanning fingerprints is higher because dust and oil on the capacitive sensors can cause malfunctions. However, if the conductivity of the fingerprint is not tested, the ultrasonic sensor seems very happy to accept a 3D printed copy of the user's fingerprint. Researchers and technical journalists have documented this extensively on the recently released flagship phones of the two companies Samsung Galaxy S10 and OnePlus 7 Pro. In a weird mistake, the S10's sensor may even be confused by the screen protector. Although it can be fixed quickly, all fingerprints can be registered as valid fingerprints.

3D printing methods are likely not limited to these specific phones or manufacturers, but a general attack on the entire category of ultrasonic fingerprint scanners. However, generating a 3D copy from a fingerprint raised in 2D still requires special equipment and raises the standard of compromise. It is not clear whether ultrasonic scanners or capacitive scanners are ultimately “safer”, but although both are impermeable, they are easy to bypass.

Although not a perfect "lifetime" indicator, the electrical conductivity requirements of capacitive sensors do increase the difficulty of deceiving fingerprints. Imagine a dual sensor that uses both the ultrasonic sensor and the capacitive grid built into the front screen of the mobile device to observe the fingerprint twice. This will increase the difficulty of tricking fingerprints into 3D printing that requires conductivity. However, it is not clear whether the increase in marginal security is worth the added cost, especially considering other biometric options.

Facial Recognition Device

05.Face recognition

This may be partly due to the lack of fingerprint scanners, and of course for convenience, in recent years, facial recognition has become a more popular biometric technology for mobile devices and laptops. The latest iPhones (X and 11) and Google's Pixel 4 have adopted facial recognition as the main biometric sensor, completely avoiding fingerprint scanners. Facial recognition uses one or more front-facing cameras to take an image of the user’s face, and if it matches the registered user’s face, the device can be unlocked. We understand that human faces are unique because, as human beings, we can recognize individuals with high confidence, but in many respects, the true effect of computer-driven face recognition is still unclear. The only metric I can find is that Apple claims that the false acceptance rate of FaceID non-twin adults is only one in 1,000,000, which is 100 times higher than the FIDO standard. However, Apple did not provide a calculation method for this number.

There are two main methods for facial recognition. The first is to use the front camera to take an image of the user's face, extract features (such as relative position, the size and shape of the eyes, nose, and mouth), and compare these features with the facial features of the registered user. If they match enough, the device will unlock. Basically, however, this method compares one or more 2D images with another 2D image in the database. Just like an optical fingerprint scanner (luckily, this method has been discontinued), this method can be fooled by high-resolution photos. This "safety" mechanism is mainly in the security field. Until January 2020, this is the facial recognition used on almost all Android phones.


Related News:

Facial Recognition Is Everywhere. Here’s What We Can Do About It

Face recognition visitor machine makes front desk visitors smarter

The future development of face recognition will break through the scope of security applications

website: www.hfteco.com

website: www.china-attendance.com

Email: info@hfcctv.com

HFSecurity Face Recognition DeviceFacial Recognition DeviceFacial Recognition DeviceFacial Recognition Device

HFSecurity Face Recognition Device HFSecurity Face Recognition Device