Liveness Detection and Anti-Spoofing Measures
As biometric measurement is becoming more acceptable to the public, circumvention is becoming more attractive to those who wish to undermine the integrity and reliability of said systems. Any biometric modality and/or system is vulnerable, and it is doubtful there will ever be a system totally immune to spoofing when given enough time. Spoofing is a sensor-level attack (often referred to as a “presentation” attack) in which a valid biometric identifier such as a fingerprint is replaced by someone wishing to impersonate the authentic and valid user.
Diamond Fortress Technologies does not release specifics of the LDAS (Liveness Detection and Anti-Spoofing) technology used in the ONYX™ system for obvious reasons: if the measures taken were publicly known, attackers would know exactly which factors they need to compromise the system. Therefore, rather than discussing the particulars of the current and planned LDAS implementations in ONYX™. DFT does employ some methods that are less widely known, and we have also developed proprietary LDAS techniques – some of which are in use currently and others which are planned to be included with future versions of ONYX. Not only do we consider current approaches, but we are also constantly testing against emerging and possible future spoofing mechanisms.
Just as there has never been a lock immune to picking, there isn’t a biometric solution that is immune to every method of exploitation. To combat this, we at DFT are proactively predicting the future actions of possible attackers. We aren’t trying to stay one step ahead of the spoofers; we’re staying many steps ahead. We maintain large databases of fingerprint images and templates that we test against rigorously. We also do predictive testing against other methods that may emerge. We have the input of five engineers from our “anti-spoof group,” and we sometimes consult with engineers from the biomedical, optical, electrical, computer science and computer vision fields. We have developed an enormous amount of resources in this area, and all are utilized to make our software as immune as it can be to presentation attempts.
The LDAS system is part of the ONYX5 release and is being offered as a free update to licensees of previous versions of ONYX. (Security updates are distributed at no additional cost to all licensees according to DFT’s current policies.) Hopefully, this post has provided a basic understanding of the LDAS technology available to Diamond Fortress. Quite a few other more obscure methods exist, and we have developed some proprietary mechanisms specific to ONYX to combat spoofing. No biometric vendor can claim to be 100% immune to these types of attacks, but DFT places considerable emphasis on anti-spoofing tactics and the overall security of ONYX. When new technology emerges, new methods of attack emerge, so DFT is continuously evaluating and strengthening the security measures that are implemented in ONYX.