A Black Hat USA briefing scheduled for late July will discuss falsifying of iris scans and the hacking of iris recognition systems, according to a report in Computerworld.
Javier Galbally, an assistant researcher at Universidad Autonoma de Madrid, will lead the talk. Galbally has an extensive research background in the vulnerabilities of biometric systems and sees hacking iris recognition systems as a real possibility.
It has been assumed that the use of binary iris code – a very compact representation of an iris image – does not contain enough information to enable replication of the original iris. However, the accuracy of the synthetic iris codes, though detectable by a human expert, can fool iris recognition systems.
Gabally’s research examines the effectiveness of synthetic iris patterns against the iris recognition systems on the market.
By using a database of fake images derived from actual irises, and printing them with a commercial printer, Galbally found “40% of the images were accepted by iris scanners, granting access to the imposter at a rate of 50% or better.”
These findings are particularly valid as the FBI prepares to test its own iris detection database in conjunction with private corporation B12 Technologies. The announcement made last year plans to institute a nationwide face and recognition system, and builds on B12’s Inmate Identification and Recognition System (IRIS) that has been in operation for the past six-years.
Galbally’s research proves that iris scanning is not yet an impervious method of identification, and with government agencies like the FBI planning to incorporate this technology on the national level, his briefing at Black Hat USA is sure to be compelling.
Read the full Computerworld report here.