Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye?

the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens.

Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Do not look into laser with remaining eye

[guruevi]

A pupil's response can be imitated with a video in response to the flash. I work with several types of eye trackers fairly frequently, the eye is relatively slow in responding to stimuli, it's definitely within the realm of a cell phone to play back the image of an eye and it's iris in response, in time to one of these flashes.

The problem with biometric is that it is considered the end-all of security system whereas it should be considered only part of something (who you are, what you know, ...)

Re:Do not look into laser with remaining eye

The problem with biometric is that it is considered the end-all of security system whereas it should be considered only part of something (who you are, what you know, ...)

No. The problem with biometrics is that it builds upon faulty assumptions and fails to address real concerns.

Somebody fakes my eyescan successfuly once, it loses all future use to me and now I have to scoop out an eye, perhaps replace it with a glass one with some famous person's fake eyescan patterns, to have some use out of it again. But wait, I'd rather keep the eye to see with.

The logical conclusion is that I don't want my eyes, not even one, be used as a security in this sort of gamble. That means you do not get to scan my eyes, ever, making the idea strictly useless for security, aaa, or whatever else you want to do with it, but instead outright dangerous for my valuable body parts.

Biometrics is only "hollywood security", where usernames, including the crappy and noisy biometric ones, are taken to be as good as passwords, and "security override" is all you need to get past any hurdle anyway. In the real world, security doesn't magically improve just because we bend over backwards for some camera looking into our eyes. Any biometric is more easily faked than replaced, and that makes them useless for the end-user, in fact outright dangerous to limb, possibly life, because it makes the end-user expendable.

That means there is only one correct answer to any biometric-anything idea: FUCK OFF with your biometrics, whatever idea you have this week. FUCK OFF ALREADY.

Re:Do not look into laser with remaining eye

[arth1]

With the iris scanning, how about getting the person to follow a small dot around the scanner with their eye and an iris tracker can confirm it's doing so.

Any security solution that depends on technology can also be defeated by technology.

In this case, you would have to have a system for tracking the eye, which would be defeated by a system for tracking the dot. Plus, you'd need guards against feeding the system wrong data at multiple points, or bypassing the tracking altogether. You'd multiply complexities unnecessarily, and only end up with another system to keep honest people honest.

Executives[*] who base their "knowledge" on Hollywood movies and detective stories are to blame for big business buying into biometrics for authentication. It's the worst thinkable system possible, because once you have defeated it, you have defeated a living human person, who cannot change his compromised biometrics.

The implementations fly in the face of ADA and similar measures too, directly discriminating against people who cannot use the systems. Some don't have fingerprints. Others cannot stand and look into the iris scanner. Or don't have eyes to look into them with. So you must have a backup system anyhow. That prompts the question: If the backup system is trustworthy, why not use it instead?

[*]: And unfortunately not just business execs. As late as last week, a police superintendent was quoted in a big newspaper saying that DNA evidence is 100% trustworthy and (I kid you not) we should never question it. The newspaper didn't even question that statement or ask an expert for opinion.

So soon they forget

[ggendel]

As someone that was part of the team that pioneered iris recognition in the late 80s, I can say that this is totally the fault of the current software. We had various techniques implemented from the start that would prevent this kind of problem. Controlling multiple IR leds to provide a changing specularity pattern. This would guarantee that the eye was shaped as expected, rejecting all flat copies. Checking for the normal pulsation of the pupil would reject dead eyes. There were various other checks, like verification of facial features (there were two eyes, etc.). Checking for the proper occlusion of the eyelids was also part of the process. With only a few captures our testing has not shown this kind of issue (and we did try perfect eye replication). I've heard this kind of thing from the beginning, nothing new here. Again, we implemented all of these features in our original work, but implementors felt that these should not be included in their products.