The application of biometrics has significantly increased in today’s world and biometric systems are utilized in many scenarios such as social identification, access control to premises and computer networks, border and immigration services etc. Among all the biometric modalities, fingerprint scanning is the most widely used due to its familiarity and affordability. Although fingerprint systems provide a high level of security and reliability compared to other authentication methods, they are not completely spoof proof.
These systems are vulnerable to attacks at various levels such as sensor level, database level, data communication etc. Recent studies reveal the possibility of spoofing these systems by using artificial biometric samples such as fake fingerprints etc. Moreover, the widespread use of these systems has prompted researchers to analyse the fingerprint spoofing techniques and the protective measures to avoid such attacks. Although many hardware and software technologies exist to capture and process fingerprint, liveness detection of the fingerprint sample is still a major and challenging research issue.
Fingerprint spoofing and the points vulnerable to attacks
The method of attacking fingerprint systems by presenting artificial objects to the sensor is known as spoofing. These artificial objects have the ability to imitate the biological and behavioral characteristics of the modality that the system is designed to measure. The advancements of technology have resulted in upgraded and user friendly biometric systems but it has also revealed the weaknesses in security of fingerprint sensors. Nowadays, it is not unusual to find detailed guidelines on how to create fake fingerprints for spoofing sensors.
There are various points in a biometric system that can be vulnerable to spoofing attacks. Some of these attacks are listed below.
- Presentation attack: In this type of attack, the biometric modality is reproduced and presented at the inputs.
- Replication of biometric signal: The sensor is bypassed and the data stored previously is hacked and used.
- Replacing features: The extracted feature set from the input biometric trait is substituted with the false set.
- Overriding the matcher: The matcher is corrupted and the biometric sample is then matched with the false set.
These points of attacks are explained with the diagram given below.
What are the methods for spoofing
There are two main methods of spoofing biometric systems – Co-operative and non-cooperative.
Direct mold belongs to the category of co-operative spoofing in which a live finger mold is used to form the spoof. Usually materials like gelatin, play-doh and clay are used to make the spoof fingerprints and these materials also get easily scanned by the commercial scanners. This method of duplicating fingerprints is a co-operative process as the actual owner participates in the creation of the spoof. . After pressing the finger on a surface, negative impression of the fingerprint is fixed and mold is taken. The spoof is then formed by filling the mold with moisture-based material.
The second type of spoofing is non-cooperative and has four types – latent, fingerprint reactivation, cadaver and synthesis. Latent fingerprints are the impressions produced by the rigid skin on the human finger known as friction ridges. These are the marks left behind on a surface and may not be visible to the naked eye. Therefore, the area on which the fingerprint is left needs to be powdered with brush to flash the print.
In reactivation method, the latent fingerprint deposited on the sensor is reactivated by brushing the sensor with graphite powder. The cadaver method uses a dead finger for spoofing the sensor. The fingerprint synthesis method reconstructs the fingerprint image using templates like minutiae points present on the fingerprint. A digital image is then captured and transferred to the spoofing artifact.
Liveness detection also known as vitality detection is the capability of a biometric system to detect if a presented fingerprint sample is alive or not. It should also be able to verify that the sample belongs to the live enrolled and not just any living person. Therefore, it is essential for these systems to detect artificial fingerprints. Liveness detection can be executed in two approaches either at the acquisition or the processing stage. The main concern in these systems is determining at what level of security one can rely on the fingerprint readers. The reader is the front end of a biometric system and captures the fingerprint image using either an optical or solid-state type sensor. There are various techniques to determine the liveness of presented fingerprint data at sensor level. These techniques can be divided into two major categories – hardware based and software based.
What is hardware based spoof detection and its challenges?
Hardware based methods accomplish the liveness or vitality of fingerprint sample by sensing temperature, pulse oximetry, electrical conductivity, skin resistance etc. However, these methods require additional hardware and add to the cost of the reader making it expensive. Also, some of these methods may not operate efficiently in different environments. The limitations of the hardware based spoof detection methods are listed below.
- Temperature liveness detection technique lacks in its ability to detect wafer thin silicon rubbers.
- Pulse oximetry can be obstructed by using translucent spoofing fingerprint.
- Electrical conductivity can be fooled by using some saliva on the silicon artificial fingerprint.
What is software-based spoof detection?
This method of spoof detection consists of two techniques – dynamic based and static based. The dynamic based spoof detection techniques process multi-frame of the same fingerprint in two successive images that are captured within a finite time interval. There are two types of dynamic spoofing methods – ridge distortion based and perspiration based.
According to the ridge distortion based method, the distortion that is produced by pressing and moving a real finger on a scanner is more than a spoofed one. These distortions can be analysed by processing a sequence of frames at a very high rate. At the beginning, this method assumes the finger to be non-distorted and analyses its movements using optical flow. The precision of minutiae extraction and pairing influences the result and performance of this method.
Perspiration dynamic spoofing method is based on detecting the perspiration between human skin and other types of material. In human skin, the sweat starts from the pores and diffuses along the ridges which make the region between the pores darker. The resultant moisture pattern can be captured and it is found that live fingerprints show non-uniformity due to perspiration whereas spoofed ones exhibit high uniformity. The efficiency of this method can be further improved by investigating accuracy and environmental conditions.
The static based spoof detection methods are analysed by using single fingerprint impression and comparing it with others. These methods consider textual characteristics, skin elasticity, perspiration, pores or a combination of these features. Static methods are cheaper and faster as compared to the dynamic methods of spoof detection and usually require less cooperation from the user. The pores based static method uses a very high resolution sensor to acquire the fingerprint image. This method can also be used by applying two filters. A high pass filter can be used to extract the active sweat pores whereas a correlation filter can be used for locating the position of the pores. Sweat pores can be used for liveness detection as it is extremely difficult to copy them in artificial fingerprints.
What are the challenges in the field of anti-spoofing?
Most anti-spoofing or liveness detection algorithms differentiate live fingerprints from fake ones by learning a decision policy that is based on a set of training samples containing both live and fake fingerprints. When the spoofs encountered in the test set are made from materials previously encountered in the training set, the performance of the spoof detection algorithms is optimistically biased. It has been found that the performance of spoof detection algorithm decreases when different materials are used in the training and test sets. Therefore, it becomes extremely important to develop anti-spoofing algorithms that do not get affected by the fabrication material used to create the spoofs.
Spoof detection schemes that are learning-based may often be impacted by the fingerprint sensor that is used to capture the images. It is quite likely that the spoof detection algorithm may be unsuccessful in detecting spoofs if a different sensor is used during testing. Other human factors such as finger pressure, placement and physiology along with environmental factors such as temperature and humidity can affect the performance of spoof detection algorithms. Thus developing interoperable spoof detection algorithms becomes highly important.
The need to develop and rigorously implement methods that certify the level of security of a fingerprint system against spoof attacks is also of paramount importance. But the development of such a certification scheme is not easy as a large number of fabrication materials can be used to generate spoofs and it is also difficult to predict the kinds of spoof attacks that may be launched in the future. Moreover, the development of new fingerprint acquisition sensors may change the types of materials that are now relevant for spoof attacks.
The growth of mobile biometrics also highlights the pressing need for designing anti-spoofing techniques that can be integrated in resource-constrained devices such as smartphones. Therefore, the existing hardware-based and software-based anti-spoofing measures need to be modified so that they can be used in diverse computing platforms.
Therefore, we see that the methods of anti-spoofing represent a challenging problem and must satisfy various requirements. These methods must be non-invasive and in no case should be harmful or require excessive contact with the user. They should also be user-friendly and fast. The results should be generated quickly as the user’s interaction with the sensor need to be kept as short as possible. These methods should also satisfy the requirements of low cost and high performance. In addition to having a good spoof detection rate, the method should make sure not to degrade the recognition performance of the fingerprint system.
With the advancements in biometric technology, the attacks on fingerprint systems have also become sophisticated over the past few years. Therefore, it is extremely important to develop robust liveness detection or anti-spoofing mechanisms in order to maintain the integrity of fingerprint biometric systems. In this article, we have discussed the various types of spoof attacks and the countermeasures available to detect such attacks. We also discussed the challenges in anti-spoofing and the need for designing robust anti-spoofing schemes for biometric systems.