Safeguarding Biometric Authentication Systems from Fingerprint Spoof Attacks

This publication describes processes, methods, and techniques of safeguarding biometric authentication systems from fingerprint spoof attacks. A fingerprint spoof attack occurs when a malicious party attempts to access a user’s computing device by mimicking/replicating biometric identifiers inherent to the user’s fingerprint. To prevent fingerprint spoof attacks, an improved biometric authentication protocol includes, in a first step, verifying a user’s identity and, in a second step, determining if the finger presented is alive. As a result, fingerprint spoof attacks can be rejected when it is determined that the spoof finger does not exhibit characteristics of life

On the interoperability of capture devices in fingerprint presentation attacks detection

Abstract A presentation attack consists in submitting to the fingerprint capture device an artificial replica of the finger of the targeted client. If the sensor is not equipped with an appropriate algorithm aimed to detect the fingerprint spoof, the system processes the obtained image as a one belonging to a real fingerprint. In order to face this problem, several presentation attacks detection (PAD) algorithms have been proposed so far. Current methods heavily rely on features extracted from a large data set of fake and real fingerprint images, and an appropriate classifier trained with such data to distinguish between live (real) and fake (spoof) fingerprint images. Building such data set requires a significant effort for fabricating samples of fake fingerprints, with the most effective materials used to circumvent the sensor. Interesting and promising results have been obtained, but they also suggest that the PAD is tailored on the particular sensor. Small and significant differences also occur when a novel version of the same sensor is released, and this may affect the PAD. Therefore, making a PAD interoperable is among the main current issues when considering fingerprints as the first level of protection and security of logical or physical resources. This paper is a first attempt to assess at which extent the sensor interoperability can be an issue for fingerprint PADs and to eventually propose a solution to this limitation. In particular, textural features will be under focus and a feature space transformation method based on the least square is proposed

Mitigating Sensor and Acquisition Method-Dependence of Fingerprint Presentation Attack Detection Systems by Exploiting Data from Multiple Devices

The problem of interoperability is still open in fingerprint presentation attack detection (PAD) systems. This involves costs for designers and manufacturers who intend to change sensors of personal recognition systems or design multi-sensor systems, because they need to obtain sensor-specific spoofs and retrain the system. The solutions proposed in the state of the art to mitigate the problem still require data from the target sensor and are therefore not exempt from the problem of obtaining new data. In this paper, we provide insights for the design of PAD systems thanks to an overview of an interoperability analysis on modern systems: hand-crafted, deep-learning-based, and hybrid. We investigated realistic use cases to determine the pros and cons of training with data from multiple sensors compared to training with single sensor data, and drafted the main guidelines to follow for deciding the most convenient PAD design technique depending on the intended use of the fingerprint identification/authentication system