Making fingerprints more reliable biometrics
- By Mark Rockwell
- Jan 26, 2017
In the next few weeks, the intelligence community's research arm will launch two programs aimed at detecting fake fingerprints and developing devices to collect fingerprint data without a human operator.
IARPA's Odin program, set to begin with four prime developers in early March, aims to build detection technologies that can sense "presentation attacks" on biometric devices, such as fingerprint sensors. Presentation attacks try to "spoof" real-world physical biometric samples, like fake fingerprints, Chris Boehnen, senior program manager at the Intelligence Advanced Research Projects Activity told FCW, a sister site to GCN.
Prosthetic fingers, faked fingerprints built with wood glue or other substances and other techniques can confuse current fingerprint sensors, Boehnen said. Such attempts to deceive biometric sensors are likely to continue in light of the ways criminals are adapting to the high-tech law enforcement toolkit, he added.
"The bad guys are intent on beating our [biometric] systems, he said. "Biometrics security now is like internet security was back in the late ‘90s" when not many people thought to use firewalls to protect their computers.
Combatting spoofing is important to federal agencies that screen for terrorists trying to evade detection or gain access to other locations. It is also critical for state and local law enforcement offices and commercial-sector security. That's why IARPA is interested in funding research into the technology. The tech, he said, can also be used to combat fraud in the civilian world, making it marketable beyond the federal government's use.
Another IARPA program, called N2N, is set to start in the coming days and looks to "nudge" advances in high-resolution fingerprint devices towards federal government's needs, including higher-resolution, contactless technology, Boehnen said.
N2N is set up as a $100,000 prize challenge for commercial providers who have been developing advanced fingerprint capabilities. N2N stands for "Nail-to-Nail" fingerprints, which offer more details than a surface "slap" fingerprint. The extra fingerprint information in an N2N print can be used to identify "latent" or partial fingerprints at crime scenes as well as for other applications, he said.
Additionally, N2N could tap into contactless fingerprinting technology, which can read fingerprints without having the subject touch anything. N2N fingerprints, however, require an expert human facilitator to obtain, making wholesale collection a problem.
Contactless and nail-to-nail fingerprinting technologies are being developed in the commercial world, Boehnen said. They're developing so quickly, however, they lack certification for government use.
The prize challenge, Boehnen said, provides a good venue to see if existing technology works without having to invest substantial federal research and development money.
This article was first posted to FCW, a sister site to GCN.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at [email protected] or follow him on Twitter at @MRockwell4.