Iris Biometrics: Come on Down!

It’s not a real biometric modality until someone hacks it (yes, I’m talking to you foot, ear and butt). So cheer up, iris. You’re in good company.

Black Hat: Hacking iris recognition systems (Bank Info Security) UPDATE: Link was wrong before, fixed now.

The article is short on detail about how and how successfully iris systems have been hacked but more information will certainly follow Black Hat’s presentation on July 25 summarized as follows:

FROM THE IRISCODE TO THE IRIS: A NEW VULNERABILITY OF IRIS RECOGNITION SYSTEMS

A binary iriscode is a very compact representation of an iris image, and, for a long time, it has been assumed that it did not contain enough information to allow the reconstruction of the original iris. The present work proposes a novel probabilistic approach to reconstruct iris images from binary templates and analyzes to what extent the reconstructed samples are similar to the original ones (that is, those from which the templates were extracted). The performance of the reconstruction technique is assessed by estimating the success chances of an attack carried out with the synthetic iris patterns against a commercial iris recognition system. The experimental results show that the reconstructed images are very realistic and that, even though a human expert would not be easily deceived by them, there is a high chance that they can break into an iris recognition system.

Stay tuned.

The FBI Eyes the Future

Hello, Big Brother: FBI Is Building a Database of Iris Scans (Mashable)

By 2014, the FBI plans to test a database for searching iris scans nationwide to quickly track criminals, according to budget documents and a contractor working on the project.

The Next-Generation Identification system, a multiyear $1 billion program already under way, is expanding the server capacity of the FBI’s old fingerprint database to allow for rapid matching of additional physical identifiers, including facial images and palm prints.

Read all the way to the end for a discussion of the civil liberties issues from the inside with Tom Bush (former director if CJIS).

First-hand account of a “Vacation in Utopia”

A delightful vignette of a possible biometric future written by Dr. Ben Ajayi…

You are unique and wonderfully made (Nigerian Tribune)

The billboard was not done with me as it flashed another page for me to read, “Dr. Ben, you are unique and wonderfully made. Of all persons alive today and even those who have lived before you since the beginning of time not one is like you. Your voice is special; no other fingerprints are like yours; no-one looks like you; speaks exactly like you; laughs like you; walks like you with your exact weight, height and mannerism. We use all these facts in our data base to identify you. Do please feel free to enjoy our country.”

h/t @m2sys

Evolving Understanding of the Evolving Iris

Ageing eyes hinder biometric scans (Nature)

“One iris biometric marketing claim has been that the iris allowed ‘a single enrolment for a lifetime’. This claim is now proven to be false,” he says.

The likelihood of software incorrectly matching two irises from different people is around 1 in 2 million (known as the false match rate). So in practical terms, Bowyer’s results suggest that the false match rate for a system would increase to 2.5 in 2 million after three years had elapsed. This rate sounds low, but the effect appears to be cumulative, says Bowyer: “So although you might not really notice the problem after one year or two years, after five or ten years it can become a huge problem,” he explains.

But some are not convinced that the iris ageing effect will make a noticeable difference to the false match rate — even in huge national iris-identification schemes such as India’s, which so far has more than 200 million people enrolled. Biometrics expert Vijayakumar Bhagavatula of Carnegie Mellon University in Pittsburgh, Pennsylvania, says: “In my opinion, the impact of this research is to suggest that iris templates should be periodically updated.”

The iris isn’t the only thing that is changing over time, though. The matching algorithm changes, too. It seems to me that it’s important to know whether iris matching algorithms are becoming “smarter” faster than a person’s iris can change.

Customers should probably keep current on their support contract, just in case.

Translate »