DeepMasterPrints: Generating MasterPrints for Dictionary Attacks via Latent Variable Evolution

Recent research has demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks based on MasterPrints. MasterPrints are real or synthetic fingerprints that can fortuitously match with a large number of fingerprints thereby undermining the security afforded by fingerprint systems. Previous work by Roy et al. generated synthetic MasterPrints at the feature-level. In this work we generate complete image-level MasterPrints known as DeepMasterPrints, whose attack accuracy is found to be much superior than that of previous methods. The proposed method, referred to as Latent Variable Evolution, is based on training a Generative Adversarial Network on a set of real fingerprint images. Stochastic search in the form of the Covariance Matrix Adaptation Evolution Strategy is then used to search for latent input variables to the generator network that can maximize the number of impostor matches as assessed by a fingerprint recognizer. Experiments convey the efficacy of the proposed method in generating DeepMasterPrints. The underlying method is likely to have broad applications in fingerprint security as well as fingerprint synthesis.Comment: 8 pages; added new verification systems and diagrams. Accepted to conference Biometrics: Theory, Applications, and Systems 201

Combining multiple biometrics to protect privacy

As biometrics are gaining popularity, there is increased concern over the loss of privacy and potential misuse of biometric data held in central repositories. The association of fingerprints with criminals raises further concerns. On the other hand, the alternative suggestion of keeping biometric data in smart cards does not solve the problem, since forgers can always claim that their card is broken to avoid biometric verification altogether. We propose a biometric authentication framework which uses two separate biometric features combined to obtain a non-unique identifier of the individual, in order to address privacy concerns. As a particular example, we demonstrate a fingerprint verification system that uses two separate fingerprints of the same individual. A combined biometric ID composed of two fingerprints is stored in the central database and imprints from both fingers are required in the verification process, lowering the risk of misuse and privacy loss. We show that the system is successful in verifying a person’s identity given both fingerprints, while searching the combined fingerprint database using a single fingerprint, is impractical

Performing the Union: the Prüm Decision and the European dream

In 2005, seven European countries signed the so-called Prüm Treaty to increase transnational collaboration in combating international crime, terrorism and illegal immigration. Three years later, the Treaty was adopted into EU law. EU member countries are obliged to have systems in place to allow authorities of other member states access to nationally held data on DNA, fingerprints, and vehicles by August 2011. In this paper, we discuss the conditions of possibility for the Prüm network to emerge, and argue that rather than a linear story of technological and political convergence and harmonisation, the (hi)story of Prüm is heterogeneous and patchy. This is reflected also in the early stages of implementing the Prüm Decision which proves to be more difficult than it was hoped by the drivers of the Prüm process. In this sense, the Prüm network sits uncomfortably with success stories of forensic science (many of which served the goal of justifying the expansion of technological and surveillance systems). Instead of telling a story of heroic science, the story of Prüm articulates the European dream: One in which goods, services, and people live and travel freely and securely