Digital Iris That Looks Real Enough To Fool Biometric Scanners

In the recently held Black Hat Security conference, a technique of recreating iris images using the digital codes essential for iris-scanning security protocols was shown, and the images that came out were so amazing that even the commercially graded iris-scanning devices were fooled. Whenever the iris-scanning biometric systems generate a digital print of the iris, they don't keep that image for future comparisons. What happens is, when a person scans his iris for the first time, the system converts the print into a code of nearly 5000 data bits. This code is dependent on 240 key points in the iris image and is a unique digital likeness of the iris. Once the code is generated, the actual image is done away with. Now when the person returns back for consecutive rounds of authentication, he has to scan his retina again, and if the converted code is close to the earlier generated code (with a small margin for error), then his identity is confirmed and the access is granted.



The researchers from Universidad Autonoma de Madrid and West Virginia University have come up with a technique that employs reverse-engineering- digital code to iris image- via genetic algorithms. After 100 to 200 iterations the algorithm pops out an iris code that is very close to the actual code. Those depending on biometric systems for security need to worry, for while all this may seem too filmy at present, it's not at all unconvincing.

Via: Threat Level Posted in: #Coffee Room