How to protect user biometric data from criminal use

Theft of biometric data


When cybercriminals clone an electronic pass, guess a password, or skim a payment card, the compromised item can be replaced, which prevents further fraud.

Biometric technology has simplified the identification process. The problem is that, if biometric data is stolen, the biometric features themselves cannot be changed.

The first significant thefts were discovered three to four years ago:

  • 2016: Voter biometric data was stolen in Ghana.
  • 2017: Biometric data of Filipino voters was stolen.
  • 2017: Customers' fingerprints were stolen from the American company Avanti Markets.
  • 2017: Data leaked from the Indian Aadhaar biometric system.
  • 2018: Fingerprints and photographs of voters were stolen in Zimbabwe.
  • 2018: Biometric data of a billion citizens of India was compromised.
  • 2019: A multi-million fingerprint database from the South Korean company Suprema was made publicly available.
  • 2019: Voice recordings of Sberbank customers were stolen.

Unfortunately, even the best multi-level protection against hacking has vulnerabilities, and the occurrence of such incidents is inevitable.

How to make biometric identification secure


To eliminate or minimize possible damage, attempts to imitate someone else's biometrics must be identified promptly: the system has to detect a fake in real time and confirm or deny that the data is being presented by its true owner.

Liveness checking (living / non-living) combined with multi-factor identification significantly increases security and makes the theft of any single element of personal data inconsequential.

There are already concepts that combine biometric data with other security features. Such solutions create more reliable digital accounts, and stolen biometric features alone are not enough to commit illegal actions.

Multispectral liveness check (living / non-living)


One of the effective approaches to detecting fake biometric features is based on multispectral registration, which greatly complicates the use of fake biometric data for identification.
This method compares the optical characteristics of the material under investigation that are invisible under ordinary conditions with the known characteristics of a living object. Several light sources of various spectra are used to obtain information from the surface and from the depth of living tissue, up to the capillary vessels.
For a timely response, neural-network machine-vision algorithms are used, which can be quickly adapted when new types of threats and fakes are identified.

Multi-factor identification


High-quality and reliable user identification can be ensured by implementing a multi-factor solution in which several biometric and non-biometric personal characteristics are recorded.
Strict identification using two or more factors is fundamentally safer.
It is important to offer a combination of several reliable identification methods so that users can choose the ones most acceptable and convenient for them.

Recoverable Biometrics


We cannot change our biometric data, but we can change the storage methods and algorithms for working with them. To do this, special solutions are being developed under the general name "cancelable biometrics."
This approach allows a different transformation to be used for each record, which prevents cross-matching.

In addition, if an instance of the converted biometrics is compromised, it is enough to change the conversion algorithm to generate a new variant for re-registration.

For safety, irreversible functions are used. Thus, even if the conversion algorithm is known and the converted biometric data is available, it will not be possible to restore the original (undistorted) biometrics from them.

Transformations can be applied both in the signal domain and in the feature domain. That is, either the biometric signal is converted immediately after it is acquired, or it is processed in the usual way, after which the extracted features are converted.

The conversion algorithm allows the template to be expanded, which increases the reliability of the system.

Examples of signal-level transformations include mesh morphing and block permutation. The modified image cannot be successfully compared with the original image or with similar images obtained with other conversion parameters.

[Figure: Image conversion based on image morphing.]
Source: Enhancing Security and Privacy in Biometrics-Based Authentication Systems by NK Ratha, JH Connell, RM Bolle


The picture shows an original photo with a superimposed grid aligned to the facial features. Next to it is a photograph with a modified grid and the resulting distortion of the face.

[Figure: Block scrambling image transformation.]
Source: Enhancing Security and Privacy in Biometrics-Based Authentication Systems by NK Ratha, JH Connell, RM Bolle


A block structure aligned with characteristic points is plotted on the graphic model. The resulting blocks are then scrambled in a random but repeatable manner.
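The block scrambling described above, as an added Python sketch that is not code from the article or from the cited paper. The key names, the toy pixel matcher and the 12x12 sample image are assumptions made for the illustration; a plain permutation is only as secret as its key, so it shows repeatability and revocation, not irreversibility.

```python
import hashlib
import random

def block_scramble(image, block, key):
    """Permute block x block tiles of a 2D image in a key-dependent order."""
    rows, cols = len(image), len(image[0])
    if rows % block or cols % block:
        raise ValueError("image dimensions must be multiples of the block size")
    tiles = [(r, c) for r in range(0, rows, block) for c in range(0, cols, block)]
    # Seed from the key: random-looking but repeatable, as the text requires.
    # random.Random is for illustration only; it is not a cryptographic PRNG.
    seed = int.from_bytes(hashlib.sha256(key).digest(), "big")
    sources = tiles[:]
    random.Random(seed).shuffle(sources)
    out = [[0] * cols for _ in range(rows)]
    for (dr, dc), (sr, sc) in zip(tiles, sources):
        for i in range(block):
            out[dr + i][dc:dc + block] = image[sr + i][sc:sc + block]
    return out

def similarity(a, b):
    """Toy matcher (assumption): fraction of pixels that are equal."""
    cells = [x == y for ra, rb in zip(a, b) for x, y in zip(ra, rb)]
    return sum(cells) / len(cells)

# Constructed 12x12 "image" with distinct pixel values, and a noisy rescan.
ENROLL_IMAGE = [[r * 12 + c for c in range(12)] for r in range(12)]
RESCAN = [row[:] for row in ENROLL_IMAGE]
RESCAN[0][0] = RESCAN[5][7] = RESCAN[11][3] = -1   # three noisy pixels

KEY_V1 = b"record-42/v1"   # hypothetical per-record key
KEY_V2 = b"record-42/v2"   # hypothetical key issued after v1 is revoked

def demo():
    stored = block_scramble(ENROLL_IMAGE, 2, KEY_V1)
    return {
        # Same user, same key: only the sensor noise differs.
        "same_key": similarity(stored, block_scramble(RESCAN, 2, KEY_V1)),
        # Same user, new key: the revoked template no longer matches.
        "new_key": similarity(stored, block_scramble(RESCAN, 2, KEY_V2)),
        # Raw biometric against the stored template: no match either.
        "untransformed": similarity(stored, RESCAN),
    }
```

The `new_key` score is also what a second service holding a template of the same user under its own key would see, which is the cross-matching protection mentioned earlier.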

Solutions have been developed that generate a stable and repeatable biometric code, making so-called true biometric hashing possible. The algorithm generates a stable biometric code under various environmental conditions and despite the natural noise of the sensors during biometric scanning. This limits registration errors. As a result, the system works with high performance and reliability.

The entropy generated by the system limits the risk that different people with some similarities produce the same stable code.

Thus, using only stable bits from biometric scanning creates a stable code that does not require a stored biometric template for authentication.

The registration process looks like this:

  • Biometric scanning captures an image;
  • The algorithm extracts stable and reproducible vectors from the image;
  • A public code and a private code are generated. The private code is hashed;
  • Symmetric or asymmetric cryptographic keys are issued for the generated biometric hash code;
  • In the case of asymmetric cryptographic keys, the public key is saved and the private key is deleted from the system. No biometric data is stored in any case.

Verification is carried out as follows:

  • Biometric scanning captures an image;
  • The algorithm extracts the same stable features as during registration;
  • The public code tells the system where the features needed to find the private code are located;
  • The same private code is created, and the same hash and cryptographic keys are issued for authentication.
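The registration and verification steps above, as an added Python sketch with symmetric keys (not the code of any product the article refers to). It assumes the scan has already been reduced to a bit vector, treats "stable" as "identical in every enrollment scan", and adds a per-record salt and a minimum bit count that the article does not mention.

```python
import hashlib
import hmac
import os
import random

MIN_STABLE_BITS = 128  # assumed floor so the private code cannot be brute-forced

def enroll(scans):
    """Registration: several bit vectors (lists of 0/1) from one user's scans."""
    # Public code: positions whose bit agreed in every enrollment scan.
    public = [i for i in range(len(scans[0])) if len({s[i] for s in scans}) == 1]
    if len(public) < MIN_STABLE_BITS:
        raise ValueError("too few stable bits; rescan or reject enrollment")
    private = bytes(scans[0][i] for i in public)   # private code, never stored
    salt = os.urandom(16)                          # assumption: per-record salt
    return {"public": public, "salt": salt,
            "hash": hashlib.sha256(salt + private).digest()}

def private_code(record, scan):
    """Rebuild the private code from a fresh scan using only the public code."""
    return bytes(scan[i] for i in record["public"])

def verify(record, scan):
    candidate = hashlib.sha256(record["salt"] + private_code(record, scan)).digest()
    return hmac.compare_digest(candidate, record["hash"])

def symmetric_key(record, scan):
    """Key issued from the private code; use it only after verify() succeeds."""
    return hmac.new(private_code(record, scan), b"auth-key" + record["salt"],
                    hashlib.sha256).digest()

def flip(bits, positions):
    """Simulate sensor noise by inverting the bits at the given positions."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(bits)]

# Constructed sample data: a 256-bit feature vector plus noisy rescans.
rng = random.Random(1)
BASE = [rng.getrandbits(1) for _ in range(256)]
ENROLL_SCANS = [BASE, flip(BASE, {3, 17, 40}), flip(BASE, {17, 99})]
IMPOSTOR = flip(BASE, set(range(0, 256, 2)))
```

The stored record holds only bit positions, a salt and a hash. A rescan whose noise falls on an unstable position still verifies, while a single flipped stable bit is rejected, which is why selecting genuinely stable bits decides the false-rejection rate.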

[Figure: Flowchart with symmetric cryptographic keys.]

[Figure: Flowchart with asymmetric cryptographic keys.]

In order for a conversion to be repeatable, a biometric signal must be properly registered before it can be converted. This problem is partially solved using a number of methods described in the scientific literature.

How to maximize confidence in biometric identification


Unfortunately, we have to accept that no personal data, biometric data included, can be fully protected from theft.

The most that can be done is to design systems that devalue stolen data.
A number of biometric characteristics are public. For example, our face can be photographed, and our voice can be recorded on a voice recorder.

To earn user confidence in biometric identification, the reliability and safety of the systems used must be ensured through:

  • Data encryption on biometric terminals to protect against hacking;
  • Real-time biometric identification with liveness verification (living / non-living);
  • The use of multispectral and multimodal solutions;
  • Fast adaptation of algorithms to the emergence of new vulnerabilities;
  • The use of algorithms that devalue stolen biometric data.

For users to trust biometric identification systems, it is better to offer solutions in which, for example, you need to look directly at the camera lens or at a certain mark to confirm your identity. This will eliminate concerns about covert surveillance and unauthorized control.

The original article is on the site rb.ru
