Hacker Find a Simple Way to Fool IRIS Biometric Security Systems
Biometric security systems that involve person's unique identification (ID), such as Retinal, IRIS, Fingerprint or DNA, are still evolving to change our lives for the better even though the biometric scanning technology still has many concerns such as information privacy, and physical privacy.
In past years, Fingerprint security system,
which is widely used in different applications such as smartphones and
judicial systems to record users' information and verify person's
identity, were bypassed several times by various security researches,
and now, IRIS scanner claimed to be defeated.
The same security researcher Jan Krissler, nicknamed Starbug, from the famous Chaos Computer Club (CCC), who cloned fingerprint of a Germany's federal minister of defense using her pictures taken with a "standard photo camera" at a news conference, have claimed that the same technique is possible to fool IRIS biometric security systems.
Don't worry! It's not like how they do it in movies, where an attacker
needs to pull authorized person's eye out and hold it in front of the
eye scanner. Instead, now hackers have finally found a simple way to
bypass IRIS Biometric security systems using images of the victims.
Back in December, at 31st Annual Chaos Computer Conference in Hamburg
Germany, Krissler explained how he used a close-up photo of Ms Ursula
von der Leyen's thumb taken from different angles and created an accurate thumbprint using commercial fingerprint software from Verifinger.
However, in an upcoming talk at the Vancouver-based security conference
this month, Krissler will detail how the similar thing can be done with
eyes simply by using pictures gathered from the Internet.
Krissler then created an accurate clone of the minister’s thumb print,
though he wasn't able to verify whether the clone matched with the copy
of von der Leyen’s thumb, as he hadn't gotten her permission to carry
out his further tests.
IRIS SECURITY SCANNER HACK DEPENDS UPON:
He told Forbes that the attack depends on a number of factors, such as-
- Target’s eyes must had to be bright because of the way the infrared-based system his company bought for Krissler used light.
- The image should be large and expanded.
- Image of the iris with diameter of 75 pixels.
- Print out should have a resolution of 1200 dpi
The major difference between the two technique is that unlike
fingerprint biometric security systems bypass that requires to create a
proper clone of the finger, IRIS recognition hacks only need is the
print out, the researcher claims.
"We have managed to fool a commercial system with a print out down to an iris," Krisser told Forbes. "I did tests with different people and can say that an iris image with a diameter down to 75 pixel worked on our tests. The print out had to have a resolution of 1200 dpi too, though it’s easy to find printers able to hit that specification today, and ideally at least 75 per cent of the iris was visible."
Hacker Find a Simple Way to Fool IRIS Biometric Security Systems
Reviewed by Unknown
on
3/10/2015
Rating: