web-archive-net.com » NET » S » SHORTINFOSEC.NET

Total: 241

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Information Security Short Takes: A Simplified Analysis - Can you Forge a Biometric ID?
    Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities A Simplified Analysis Can you Forge a Biometric ID Security of biometric ID s like biometric passports is a very frequent topic of discussion and we all know there are issues But most of those issues are related to encryption materials and generally anything that requires a lot of technical knowledge Here is an example of the possibility to create a fake Biometric ID with very little technical knowledge In order to understand this possibility we need to discuss the 2 biometric elements within the ID 1 Facial information Each biometric ID contains a very clear and accurate photo of the owner of the ID And facial recognition is used in a lot of systems most frequently in organizations which require non intrusive identification like casinos and some border controls So facial recognition systems are quite common and commercially available But facial recognition has an inherent weakness it cannot be calibrated to 100 accuracy This is simply because some features of your face can actually change at a daily basis facial bloating skin discoloration acne minor injuries So the facial recognition system needs to be flexible most facial recognition systems are set up to match at around 70 80 2 Fingerprints Fingerprints are also stored in the biometric ID with most ID s storing only one or two fingerprint the index finger of the right hand or the fingerprints of both index fingers It is common knowledge that fingerprint readers can be easily fooled with very simple and available methods One simply lifts the fingerprints and creates a copy using photoshop laser printer and gelatin or wood glue Here is an example of a simple fingerprint lifting method the first step in recreating a fingerprint So far these two elements may be fooled but how can we create a fake biometric ID with such information Technically it is very very difficult to modify a manufactured biometric ID into a fake one which was the initial idea But what if you can alter the input data into the process of creating a new legal biometric ID The process is quite simple The seller of fake ID must create the fake ID for a person that has similar facial features to him her so the facial recognition software matches the expected 70 80 similarity To match a seller and a buyer with sufficient similarity you can use a public web site http celebrity myheritage com FP Company try face recognition php The seller will prepare fake

    Original URL path: http://www.shortinfosec.net/2009/11/simplified-analysis-can-you-forge.html (2016-04-27)
    Open archived version from archive