Article details

Title: Vulnerabilities at the Sensor Level in Biometric Systems: A Review
Author(s): Stelian Spînu               

Abstract: Biometrics have the potential to provide better security and increased user convenience compared to traditional person recognition methods. However, biometric systems are vulnerable to attacks that can compromise their security. In this article, a classification of the attacks at the biometric sensor level is proposed, taking into consideration the biometric trait attributes. The attacks at the user interface level are described and common spoofing techniques against fingerprint, face, and iris recognition systems are presented. Countermeasures, which discriminate between live biometric traits and spoof artifacts, are also summarized.

Keywords: person recognition, biometrics, security, presentation attacks, spoofing, spoof detection


[1] A.K. JAIN, R. BOLLE, and S. PANKANTI (Eds.) Biometrics: Personal Identification in Networked Society, Kluwer Academic Publishers, Boston, MA, 1999
[2] S. NANAVATI, M. THIEME, and R. NANAVATIBiometrics: Identity Verification in a Networked World, John Wiley & Sons, New York, NY, 2002
[3]R.M. BOLLE, J.H. CONNELL, S. PANKANTI, N.K. RATHA, and A.W. SENIOR Guide to Biometrics, Springer-Verlag, New York, NY, 2004
[4] N.K. RATHA, J.H. CONNELL, and R.M. BOLLE A Biometrics-Based Secure Authentication System, Proc. of the IEEE Workshop on Automatic Identification Advanced Technologies, AutoID ’99, pp. 70-73, Summit, NJ, Oct. 1999
[5] N.K. RATHA, J.H. CONNELL, and R.M. BOLLEAn Analysis of Minutiae Matching Strength, In J. Bigun and F. Smeraldi (Eds.), “Audio- and Video-Based Biometric Person Authentication: Third International Conference, AVBPA 2001, Halmstad, Sweden, June 6-8, 2001: Proceedings”, pp. 223-228, Springer-Verlag, Berlin, Germany, 2001
[6] N.K. RATHA, J.H. CONNELL, and R.M. BOLLEEnhancing Security and Privacy in Biometrics-Based Authentication Systems, IBM Systems Journal, Vol. 40, No. 3, pp. 614-634, Sep. 2001
[7] N.K. RATHA, J.H. CONNELL, and R.M. BOLLE Biometrics Break-Ins and Band-Aids, Pattern Recognition Letters, Vol. 24, No. 13, pp. 2105-2113, Sep. 2003
[8] U. ULUDAG and A.K. JAIN Attacks on Biometric Systems: A Case Study in Fingerprints, In E.J. Delp III and P.W. Wong (Eds.), “Security, Steganography, and Watermarking of Multimedia Contents VI: 19-22 January 2004, San Jose, California, USA”, pp. 622-633, SPIE, Bellingham, WA, IS&T, Springfield, VA, 2004
[9] J. GALBALLY, J. FIERREZ, and J. ORTEGA-GARCIAVulnerabilities in Biometric Systems: Attacks and Recent Advances in Liveness Detection, Proc. of the 1st Spanish Workshop on Biometrics, SWB 2007, Girona, Spain, Jun. 5, 2007
[10]J. GALBALLY-HERRERO Vulnerabilities and Attack Protection in Security Systems Based on Biometric Recognition, Ph.D. Thesis, Universidad Autónoma de Madrid, Spain, Nov. 2009
[11]Z. AKHTAR, C. MICHELONI, and G.L. FORESTI Biometric Liveness Detection: Challenges and Research Opportunities, IEEE Security & Privacy, Vol. 13, No. 5, pp. 63-72, Sep.-Oct. 2015
[12]A.K. JAIN, A.A. ROSS, and K. NANDAKUMAR – Introduction to Biometrics, Springer, New York, NY, 2011
[13]J.D. BUSTARD, J.N. CARTER, and M.S. NIXON Targeted Biometric Impersonation, Proc. of the 2013 International Workshop on Biometrics and Forensics, IWBF 2013, pp. 1-4, Lisbon, Portugal, Apr. 4-5, 2013
[14]J.D. BUSTARD, J.N. CARTER, and M.S. NIXON Targeted Impersonation as a Tool for the Detection of Biometric System Vulnerabilities, Proc. of the 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems, BTAS 2013, pp. 1-6, Arlington, VA, Sep. 29-Oct. 2, 2013
[15]G.R. DODDINGTON, W. LIGGETT, A.F. MARTIN, M.A. PRZYBOCKI, and D.A. REYNOLDS Sheep, Goats, Lambs and Wolves: A Statistical Analysis of Speaker Performance in the NIST 1998 Speaker Recognition Evaluation, Proc. of the 5th International Conference on Spoken Language Processing, incorporating the 7th Australian International Speech Science and Technology Conference, ICSLP 1998, Sydney, Australia, Nov. 30-Dec. 4, 1998
[16]N. YAGER and T. DUNSTONE Worms, Chameleons, Phantoms and Doves: New Additions to the Biometric Menagerie, Proc. of the 2007 IEEE Workshop on Automatic Identification Advanced Technologies, AutoID 2007, pp. 1-6, Alghero, Italy, Jun. 7-8, 2007