Your face can be replicated in a virtual model and used for biometric authentication, suggests new research from a University of North Carolina team.
As Wired reports, the researchers showed how this can be done at the recent Usenix security conference. They looked up digital images of volunteers on social networks such as Facebook and LinkedIn, and then used those images to build virtual renderings of the subjects’ faces. Those 3D models were then tried against readily available facial recognition systems: 1D, BioID, KeyLemon, Mobius, and TrueKey. The faces were even animated to mimic liveness detection cues such as blinking or smiling.
This technique allowed the researchers to successfully authenticate via four of the five systems with a success rate ranging from 55 to 85 percent. Prominent biometrics researcher Dr. Anil Jain told Wired, “It is now well known that face biometrics are easy to spoof compared to other major biometric modalities, namely fingerprints and irises.”
The findings should offer some validation to those focused on multi-factor solutions and also the biometric modalities mentioned by Dr. Jain—as in the case of Samsung’s Note7 smartphone’s iris scanning. Furthermore, facial recognition that incorporates infrared imaging, such as that of Windows Hello, also offers more security since infrared signals can’t be replicated virtually. As always, while spoofing techniques continue to advance, so do the biometric security solutions.
August 24, 2016 – by Alex Perala