Top Biometric Identifiers: Risks & Rewards

©Veridium All Rights Reserved
Top Biometric Identifiers:
Risks & Rewards

B E FORE W E B E G IN
Attendees have been muted
You may submit questions at any
time, but we will respond at the
conclusion of the presentation
during the Q&A session

Asem Othman, PhD
Biometric Scientist
• PhD in Electrical Engineering from West Virginia University.
Post-Doc Fellow at Michigan State University
• Holds 3 patents/patents pending related to biometrics
• Lead scientist behind our 4 Fingers TouchlessID technology &
Distributed Data Model using Visual Cryptography
BE F O RE WE BE G IN

• The Power of Mobile Biometrics
• Top Five Biometric Identifiers
• The Privacy Issue
• How We Address Privacy Concerns
AGENDA

P ROV IN G ID E N T IT Y
Passwords only authorize
access, while
authentication is the
process of verifying the
claim that identity makes.
Identity is the “claim” you
make to access information,
but making that claim with a
password doesn’t prove who
you are.
Only biometrics – your
face, your voice, your
fingerprints – prove
you are who you say
you are.

Universality (Does every user have it?)
Distinctiveness (Is it unique across users?)
Permanence (Does it change over time?)
Collectability (Can it be measured quantitatively?)
H OW TO CH O O SE A BIO ME T RIC T RAIT

A biometric recognition system is a pattern recognition system
that recognize individuals based on their biometric trait(s)
BIO ME T RIC SYST E MS

• Touch ID made it easy (and
convenient) for the consumer
to understand biometrics.
• Accessing your phone
• Apple Pay
TO UCH ID

Finger
Face
Iris
Voice
Traditional Hardware Veridium Technologies
All major biometrics can be captured using different maneuvers with a smartphone
O UR AP P ROACH TO BIO ME T RICS

• Mobile devices have changed
the fundamental way we
interact with technology.
• Mobile devices allow for the
elimination of proprietary
hardware, moving beyond
traditional biometric scanners.
MO BILE BIO ME T RICS

Performance (Does it meet error rate, throughput..?)
Users Perception and Acceptability (Is it acceptable to users?)
Vulnerability (Can it be easily spoofed?)
App Integration (Can it be acquired by available devices?)
Large-Scale Adoption ”Usability” (What is the post-usage
attitude?)
“A P R AC T I C A L M O B I L E B I O M E T R I C ”
H OW TO CH O O SE A BIO ME T RIC T RAIT

• People are used to taking selfies.
• It’s socially accepted.
• It’s well established.
• Reliable face recognition systems are already in use.
FACE AS A MO BILE BIO ME T RIC

• Face – We Naturally Use It
• The location and shape of facial
attributes.
• The overall analysis of the face.
• In practice, a facial recognition system
should automatically …
• Detect the face.
• Locate the facial attribute.
• Recognize the face.
Shape
Color
Texture
Requiring a simple background and illumination
FACE AS A MO BILE BIO ME T RIC

The database is designed to test difficult real world situations that a face system must cope with.
The leading matcher algorithms performed very similarly on our test databases.
~3% FRR at 1% FAR for controlled illumination and office environments.
30-50% FRR at 1% FAR for whole database.
V E RID IUM FACE DATABASE

• Post-usage attitude:
• Pose variation
• Taking selfie in the middle of a
meeting, indoor, or outdoor
• Older generation
• Culture
• Womens‘ appearance concerns
• Twins and look-alikes
• Easily spoofed
ISSUE S

• Voice is a combination of physiological and
behavioral biometrics.
• An individual’s voice is based on the shape and size
of the appendages (e.g., vocal tracts, mouth, nasal
cavities, and lips) that are used in the synthesis of
the sound.
• Natural signal to produce.
• No visual contact is required.
• No special equipment is required.
• Can be done while doing other things.
VO ICE AS A BIO ME T RIC

• Text-dependent recognition
– Recognition system knows text was spoken by a person
– Examples: Fixed phrase, prompted phrase
– Used for applications with strong control over user input
– Knowledge of spoken text can improve system performance
• Text-independent recognition
– Recognition system does not know text was spoken by a
person
– Examples: User selected phrase, conversational speech
– Used for applications with less control over user input
– More flexible system but also more difficult problem
– Speech recognition can provide knowledge of spoken text
SP E E CH MO DALIT IE S

• The physiological characteristics of human speech are unvaried for an individual, but the
behavioral part of the speech of a person changes over time due to age, medical
conditions (such as common cold), emotional state, etc.
• Voice is also not very distinctive and may not be appropriate for large-scale identification.
• Acoustic environment and background noise
• Presentation attacks
• Tape recordings
• Identical twins / sound-alikes
• A disruption to working memory*
*Trewin, Shari, et al. "Biometric authentication on a mobile device: a study of user effort, error and task disruption." Proceedings of the 28th Annual Computer
Security Applications Conference. ACM, 2012.
ISSUE S

• Is the most well recognized biometric.
• A fingerprint is the pattern of ridges and valleys on
the surface of a fingertip.
• The formation of the fingerprint is determined
during the first seven months of fetal
development.
• Fingerprints of identical twins are different, as are
the prints on each finger of the same person.
• Fingerprints don’t change over time.
• It’s widely believed fingerprints are unique.
F IN G E RP RIN T AS A BIO ME T RIC

SMART P H O N E S WIT H F IN G E RP RIN T SE N SO RS

Ridge ending Bifurcation Short ridge
Minutia
Type x y θ
Ridge 35 24 12’
... ... ... ...
... ... ... ...
H OW F IN G E RP RIN T MATCH IN G WO RK S

• Proprietary acquisition sensors
• Scars and wet fingers
• Presentation attack
• Spoofing
ISSUE S

• The only internal “protected” organ readily
visible from the outside of a person.
• Unlike fingerprints, capturing the iris biometric
is similar to taking a picture.
• The iris pattern has a high degree of
randomness.
• Different even for identical twins.
• The pattern is stable through lifetime .
• Extremely difficult to surgically tamper the
texture of the iris.
IRIS AS A MO BILE BIO ME T RIC

Light Irises
“LIK E TAK IN G A P ICT URE ”

SMART P H O N E S WIT H IRIS SE N SO RS

• Proprietary acquisition sensor.
• Small target to acquire from a distance.
• Located behind a curved, wet, reflecting surface.
• Obscured by eyelashes,lenses.
• Partially occluded by eyelids, often drooping.
• Deforms non-elastically as pupil changes size.
• Uncomfortable for some.
Deviated gaze
Accessories
Illumination
Deformations
Motion blur
Occlusions
ISSUE S

• Multimodal Biometric system
• Consolidate the evidence presented by
multiple biometric sources.
• Typically provides better recognition
performance compared to systems
based on a single biometric modality.
• Provides anti-spoofing measures by
making it difficult for an intruder to
spoof multiple biometric instance
simultaneously.
Patent US 9,361,507

• False rejection rate (FRR) is as low as 1% at false acceptance rate (FAR) of 0.01%.
• 4 Fingers has its own light source (your phone’s flash) so it works in any lighting
condition
• 4 Fingers requires no external hardware.
• We just require a 5MP camera and LED flash.
• 4 Fingers is one of the most secure biometrics available.
4 Fingers is reliable in almost any environment

4 Fingers captured print 4 Fingers processed print Standard Fingerprint
Sensor
Minutiae
The contactless and contact prints are of comparable quality.
The minutia match.
Print Quality

• The Cooperative Research and Development Agreement (CRADA)
allows NIST to work with U.S. industry, academia and other
organizations on cooperative R&D projects
• Build upon NIST's research in developing methodologies for
measuring the image fidelity of contactless fingerprint capture
devices
• Produce open testing methods, metrics, and artifacts that will
support future certification of contactless fingerprint devices for
inclusion on Government Certified Products Lists
Contactless Fingerprint Capture Device
Measurement Research Program

• Missing finger
• Gloves
• Requires both hands
ISSUE S

CO MPARISO N O F TO P “MO BILE ” BIO ME T RIC T E CH N O LO GIE S
(H=High, M=Medium, L=Low)
Biometrics Universality Uniqueness Permanence Collectability Performance Acceptability
Face H L M H L H
Fingerprint M H H M* H M
Iris H H H M* H L*
Voice M L L M* L H
4 Fingers
TouchlessID*
H H H H H H
(H=High, M=Medium, L=Low)
Circumventions
(Presentation
Attack)
H
M
L
H
L
Anil K. Jain, Arun Ross, and Salil Prabhakar. "An introduction to biometric recognition." Appeared in IEEE Transactions on Circuits and Systems for Video
Technology, Special Issue on Image- and Video-Based Biometrics, Vol. 14, No. 1, January 2004.

• Familiarity with technology
• Experience with device
• Environment of use (e.g., indoor/outdoor, home/work, car/bus,…)
• Transaction value (e.g., small, medium, or large transactions)
• Time consuming tasks (e.g., enrollment, etc.)
USABILIT Y ISSUE S AN D LARG E - SCALE AD O P T IO N IN BIO ME T RICS

• Each biometric has its strengths and weaknesses.
• Liveness, Presentation Attack, Spoofing.
• No biometric is “optimal,” but many are “admissible.”
F IN AL WO RD S

• Biometric data of an individual is often stored in a central database
• Raises issues related to security and privacy of biometric data
• Unlike compromised passwords, it is difficult tore-issue biometric data
• Cross-database matching may be done to track individuals
P RE SE RV IN G DATA P RIVACY

O UR ST RAT E G Y – D IST RIBUT E D DATA

MATCH IN G – MO BILE /SE RV E R

Cryptography is simply the art of sending and receiving coded messages.
CRYP TO G RAP H Y

• Visual Cryptography Scheme (VCS) is a simple and secure way to allow the
secret sharing of secrets without any cryptographic computations.
• It is the encryption of visual information such that decryption can be
performed using the human visual system.
• Someone who has no previous knowledge of Cryptography.
• The mathematical proof of this scheme and its perfect encryption are shown in
the original paper by Naor & Shamir.
* M. Naor and A. Shamir, “Visual cryptography,” in EUROCRYPT, pp. 1–12, 1994.
V ISUAL CRYP TO G RAP H Y

V ISUAL CRYP TO G RAP H Y

For more information contact: Info@VeridiumID.com
Phone: +1 212.231.0011 • www.VeridiumID.com • Twitter: @VeridiumID • LinkedIn: Veridium
QUESTIONS?

Top Biometric Identifiers: Risks & Rewards

More Related Content

What's hot

Viewers also liked

Similar to Top Biometric Identifiers: Risks & Rewards

Recently uploaded

Top Biometric Identifiers: Risks & Rewards