Hackers Unlock Samsung Galaxy S8 With Fake Iris

From a Motherboard report: Despite Samsung stating that a user's irises are pretty much impossible to copy, a team of hackers has done just that. Using a bare-bones selection of equipment, researchers from the Chaos Computer Club (CCC) show in a video how they managed to bypass the scanner's protections and unlock the device. "We've had iris scanners that could be bypassed using a simple print-out," Linus Neumann, one of the hackers who appears in the video. The process itself was apparently pretty simple. The hackers took a medium range photo of their subject with a digital camera's night mode, and printed the infrared image. Then, presumably to give the image some depth, the hackers placed a contact lens on top of the printed picture. And, that's it. They're in.

That's nothing.

[93+Escort+Wagon]

I unlocked it by playing a Goo Goo Dolls track.

Who would point a Samsung laser at their eye?

[bit+trollent]

Let's see.. their last phone literally exploded, but this one is safe enough to point a laser at your eye?

Re:Who would point a Samsung laser at their eye?

[Cro+Magnon]

That should work fine. Twice.

Single biological authentication doesn't work

[courteaudotbiz]

If a device only check for one thing, in this case, iris pattern, the device cannot know if it is a real eye for sure. Validating the iris and fingerprint, or iris and voice recognition, or iris and DNA would already be more secure, but as I come up with these ideas, I always find a way these things can be fooled together. It just makes it more complicated to fool 2 sensors at a time, but absolutely not out of reach of 3 letters agencies. I think iris scan combined with voice and a plain old password would already be some sort of security.

Re:Single biological authentication doesn't work

[Sique]

The general problem is still unsolved. If your iris and your fingerprint id are broken, how do you replace them with new ones?

That's the general problem with biometric identification. Once you can overcome the limits of the scan mechanism, and impersonate someone else, there is nothing the impersonated one can do to close the door again, until new scan mechanisms are in place which have to be fooled in a new manner.

Re:Single biological authentication doesn't work

Biometrics are really analogous to user names, not passwords. I really have no idea why they keep insisting that they are the next thing in security.

Re:Single biological authentication doesn't work

[denis-The-menace]

That the difference between identification and authentication.

You can ID people with iris,fingerprint,DNA.
You cannot authenticate their intent that way. That's why we have PIN numbers and passwords.

Re:Single biological authentication doesn't work

[swillden]

The general problem is still unsolved. If your iris and your fingerprint id are broken, how do you replace them with new ones?

This statement indicates that you erroneously believe that biometric authentication security (such as it is) is based on secrecy of the biometric patterns. This is not the case, and cannot be the case. Since the security (such as it is) does not derive from secrecy, rotation is useless and irrelevant. Your biometrics are public information; fingerprints are left everywhere and your iris structure can be extracted from any decent photograph. Given that, supposing you could rotate your biometrics, the new values would also be public information.

Biometric security (such as it is) derives from the difficulty of presenting a fake body part for scanning, or otherwise injecting known data which is not the attacker's body structure. In some cases (like this one, obviously), that bar is extremely low. Uselessly low for many contexts, but not all.

Re:Single biological authentication doesn't work

[swillden]

Biometrics are really analogous to user names, not passwords.

They're neither. Usernames require uniqueness and exactness of matching that biometrics lack. Matching efficiency of biometrics is also absysmally low, compared to good usernames.

Passwords require secrecy that biometrics lack.

Biometrics simply do not fit into the username/password security model. Biometrics can provide useful security, depending on the context and the requirements, but they work differently. To work well, they also need to be paired with a username (like passwords do), so that you can tell which data to try to match the livescan against. So they're more similar to passwords than to usernames, but they're not much like passwords because they are not and cannot be secret. What security they have derives from the difficulty (or not) of faking the scanner into believing that the data presented is a real body part. In this case, that difficulty is obviously very low. That doesn't make it useless, it just means that it's only appropriate for contexts that require only a low level of security but more than "swipe to unlock".

The only real problem with these consumer device biometric authentication scanners is that consumers often believe them to have a higher level of security than they do. As long as everyone understands that they are strictly weaker than a password, and potentially much weaker, we're good.

Re:Single biological authentication doesn't work

[Sique]

This answer assumes errorneously that I would consider biometric information a secret.

Quite the contrary! You can't replace your biometric patterns. They are an intergral part of yourself, and everyone with the means to do so can check them. That's why they are used to identify you. But if they can be forged, they don't identify you anymore, and there is nothing you can do about that. You can't get a new iris. You can't get new fingerprints. They are like a lock with a second set of keys you don't control. No one can identify you anymore with certainity. Your biometric patterns are burned and useless to you.

The CCC pulled a similar stunt with fingerprints before. They managed to get hold of the finger prints of the german Minister of the Interior at the time, Wolfgang Schaeuble (they got a glass he was drinking from at a public event). They made glows with the fingerprints in them. Then they got them scanned as their own and applied for a new biometric passport. Now they have a passport in their name, but with Wolfgang Schaeuble's fingerprints in them.

Re:Single biological authentication doesn't work

[swillden]

You can ID people with iris,fingerprint,DNA.

You can't, really.

You can take a database of potential matches and narrow it down probabilistically using biometrics, but absolute identification cannot be achieved. There is no guarantee of uniqueness, and even if there were, the matching process is inherently fuzzy and imprecise, so even if two people absolutely have different fingerprints (or whatever), it may still be that their prints are similar enough that the matching process decides they're the same.

You cannot authenticate their intent that way. That's why we have PIN numbers and passwords.

In general, you can't authenticate intent with PIN numbers or passwords either, unless the password in question is only ever used for exactly one purpose, which is rarely true. What you can do is to offer a clear question to the user and let them answer. The process of answering provides an indication of intent, and this is true whether the process requires merely clicking "Okay" or typing a 20-digit random number. The more difficult the process the less likely it is that you're going to get an inadvertent approval (lacking intent), but that's still independent of the type of process.

It's reasonable to use a password as part of an intent-determination process. It's equally reasonable to use a biometric. In both cases you must take care to structure the process to minimize the chance of inadvertent approvals.

Re:Single biological authentication doesn't work

[swillden]

This answer assumes errorneously that I would consider biometric information a secret.

Okay, working from the assumption that biometrics are public information, it's easy to see why rotation is irrelevant. The whole purpose of password rotation is that passwords provide security only if they are secret, and secrecy erodes over time. Rotation is how we fix loss of secrecy. But biometrics are not secret and therefore there would be no security benefit of rotation even if you could do it.

Which means that rotation is a red herring.

Re:Single biological authentication doesn't work

[sjames]

Fingerprint scanners can be fooled fairly easily. Two easy to fool things may discourage casual access, but it's hardly TLA type stuff. It's well within the reach of crazy ex or business rival.

Re:Single biological authentication doesn't work

[swillden]

Fingerprint scanners can be fooled fairly easily. Two easy to fool things may discourage casual access, but it's hardly TLA type stuff. It's well within the reach of crazy ex or business rival.

In general, if TLA security is your goal, you have two realistic options: (1) Hide among the masses or (2) give up. It's a certainty that no consumer-level device will keep you secure if you're being targeted by a nation-state.

With respect to fingerprint, etc., scanners in phones, just keep in mind that biometric authentication is strictly weaker security than a PIN[1] and you're good.

[1] "Weaker than a PIN" is an approximation. Whether or not it's true depends on who the attacker is. If the attacker is a nation-state, it's absolutely true. If it's your friend or family member.... biometric auth may be stronger than a PIN against someone who's in a position to shoulder surf.

Re:Single biological authentication doesn't work

[Sique]

Any pair of key and lock which is compromitted should be replaced. You change your locks once someone broke in your home, or someone has a key you don't trust any longer. You change your password once you notice someone was in your account. But you can't change your biometrics. So what happens to the locks your biometrics were the key to?

Re:Single biological authentication doesn't work

[Anubis+IV]

Building on what you said, biometrics are generally safe to use for identification (i.e. I'm referring to X person), not authentication (i.e. I am X person). In much the same way that many of us here are identifiable by unique usernames that everyone else can see, biometrics are merely pieces of information that (mostly) uniquely identify each of us, but we should not assume that they will remain private or secure.

If you're dealing with a secure system, you shouldn't be treating biometrics as anything more than a username.

Re:Single biological authentication doesn't work

[swillden]

Any pair of key and lock which is compromitted should be replaced. You change your locks once someone broke in your home, or someone has a key you don't trust any longer. You change your password once you notice someone was in your account. But you can't change your biometrics. So what happens to the locks your biometrics were the key to?

Locks are a bad analogy, just like passwords. Locks also rely on secrecy, in this case on the secrecy of the shape of the key.

Rather than trying to analogize, analyze the security of biometric systems directly, on their own basis. Assume that the biometric data is known to the attacker (this is the only reasonable assumption), and if rotation were feasible, that that attacker would also know the new data. Think about the contexts in which the system will be used, and the obstacles that the attacker must overcome in order to successfully present the known data to the system. Those obstacles represent the security level of the system. Secrecy is irrelevant, therefore rotation is irrelevant.

Re:Single biological authentication doesn't work

[sexconker]

Nope.

Identification - Who you claim to be.
Authentication - Proving you are who you claim to be.
Authorization - What you are allowed to do.

It's so fucking simple, yet you fucking retards keep trying to shit it up by chipping away at the authentication piece and relying more on the identification piece.

Re:Single biological authentication doesn't work

[Sique]

You constantly ignore the problem. I don't talk about secrecy. I don't talk about rotation.

I talk about that a compromised security system has to be replaced or to be repaired -- whatever the breach was.

But you can't neither replace nor repair your own biometrics. Once they are compromised, they stay compromised. Biometrics rely on the fact that they are unique to one person. Once they aren't unique anymore, they lose their security feature. They can't be used anymore to reliably identify the person who once uniquely owned them.

Re:Single biological authentication doesn't work

[Frosty+Piss]

The real problem here is not two-factor yadda yadda, it's that this is implemented on a sub-$1000 phone . The device itself and almost certainly whatever algorithms they are using cannot possibly be as rigorous as, say, the biometrics used to access the anthrax lab or the room President Trump keeps his Russian cypher equipment in.

Re:Single biological authentication doesn't work

[swillden]

You constantly ignore the problem. I don't talk about secrecy. I don't talk about rotation.

I talk about that a compromised security system has to be replaced or to be repaired -- whatever the breach was.

But you can't neither replace nor repair your own biometrics. Once they are compromised, they stay compromised.

You're confusing the system with the data.

Okay, let's try this. Suppose I have two systems: my phone, and the nuclear weapons storage facility that I work at. The phone has a cheap scanner will accept anything that looks vaguely like my fingerprint. The nuclear weapons storage facility has a high-quality fingerprint scanner with such tight matching parameters that I must scrub my finger clean before attempting to scan it, and is overseen by an armed guard who checks that my finger is my finger, nothing more and nothing less. He knows how to spot fake finger overlays.

Now, suppose that someone steals my phone, lifts my fingerprint off of it, makes a photocopy, and my phone accepts that photocopy and unlocks. The phone has been completely compromised.

Now, does this also compromise the nuclear weapons storage facility?

Re:Single biological authentication doesn't work

[Trogre]

This is another example why Something You Know authentication (a password) is much better than Something You Have (an eyeball, fingerprint or key) for unlocking digital devices.

Re: Single biological authentication doesn't work

[swillden]

Your nuclear weapons plant security is a pipe dream.

Have you ever worked in nuclear weapons security? I have. I have a very good idea of what is and is not practical in that context.

However, I will readily admit that I exaggerated both systems; I described a phone scanner that is considerably worse than real devices, and a nuclear weapons storage entry scanner that is probably stricter than what would really be implemented.

Re: Single biological authentication doesn't work

[swillden]

The original complaint was that the system in and of itself is not a good security system due to it being useful for identification but NOT authentication, and any system that uses it for both, is easily and irrevocably broken.

No, the original complaint was that biometrics (in general, not this specific system) are insecure because you can't change your body parts. Read back up the thread.

Also, no system under discussion uses biometrics for both identification and authentication. I don't know what you're talking about.

You keep changing the circumstances to justify your argument. Now we're up to armed guard in a nuclear weapons facility as proof that a biometric authentication system is somehow "secure".

I was illustrating a highly secure implementation, to demonstrate that it's the system as a whole that matters.

Sorry but "put a big guy holding a gun next to it" doesn't fix the broken authentication mechanism, it just prevents others from trying to take advantage of the fact it's broken.

You missed the point. It's not the gun that matters, it's the scrutiny of the finger, which makes fooling the scanner extremely difficult... and hence the security not broken.

The point is that context matters. If you can't see that, you really don't understand how to analyze security systems.

Re:Single biological authentication doesn't work

[denis-The-menace]

Can you give examples of how you'd do Authentication vs. Authorization.

I can't see Authorization being done as a "logging-in" type of action.

I see Authorization as the WAY the account is set up (e.g. file Permissions, etc.)

Re:Single biological authentication doesn't work

[sexconker]

That's it exactly what it is. It's what you are allowed to do. It is enforced by the authority that authenticates you or the systems that trust that authority.

I am so happy!

[XXongo]

I am so happy! According to Hollywood, hacking into an iris-scan protected phone means ripping out somebody's eyeball. https://www.youtube.com/watch?...

I'm glad to hear you can do it with a camera instead.

Re:I am so happy!

[The+Grim+Reefer]

I am so happy! According to Hollywood, hacking into an iris-scan protected phone means ripping out somebody's eyeball. https://www.youtube.com/watch?... I'm glad to hear you can do it with a camera instead.

Except do you think some street thug who wants to get into you phone that badly is going to carry a camera, printer and contact lens? Realistically, they'll probably punch most people once and they'll be happy to unlock the phone to avoid being hit again. Failing that, it's probably simpler to just knock the owner out and scan their eye to unlock the phone while they're unconscious.

Re:I am so happy!

[Cro+Magnon]

Obvious problem with that. Does the scanner work if you have a black eye?

Re:I am so happy!

[The+Grim+Reefer]

Obvious problem with that. Does the scanner work if you have a black eye?

Yes, as long as it's not swollen to the point it can't be pried open. Besides, there are many other places to hit someone other than the eye. And I believe it or not, most people have two eyes.

Re:I am so happy!

[will_die]

Sure but where is the fun in that.

I'd rather keep my eyeballs

[Doke]

Iris (or retina) scanning is scary, because it encourages thieves to steal your eyeballs. http://www.flickeringmyth.com/...

No big surprise there

[H3lldr0p]

It's not like these companies are entrusted with anything special. Millions of people don't use their smart phones for anything more than calling and texting family or friends. And there's absolutely nothing which can be done with that information. So who cares about privacy? This is just enough for you to feel like there's security in place. Just like with the fingerprint scanner. There's no way those could have flaws which allow someone to bypass it with one of twenty possible fake fingerprints.

That'd be stupid and open up the company to allegations of fraud. No one's greedy enough to let that happen!

Retina scans not unique? Or just bad?

[whoever57]

In my LinkedIn feed, someone posted the results of an attempt to use the retina scanner at an airport in order to go through the faster "Clear" security line.

The scanner identified the person's retina as belonging to a completely different person.

And we rely on these systems?

But wait...

[110010001000]

...wait, I was told AI was right around the corner. Are you telling me we can't even make simple software work?

Re:But wait...

[tsqr]

...wait, I was told AI was right around the corner. Are you telling me we can't even make simple software work?

I guess this means that making simple software work is around the same corner.

Re:But wait...

[thegarbz]

Are you telling me we can't even make simple software work?

Of course we can. Now the real question is: Do we want to put the effort into making simple software work?
Or a better question would be: Is Samsung capable of making anything work?

Don't over complicate a very simple issue.

nothing is impossible to copy

[evolutionary]

There are many sci-fi works of fiction that came up with plausible ways to circumvent eye scanner passwords, this is hardly a shock. Everyone said fingerprints would enhance security , Well we could get past that with talcum and scotch tape. Voice print->voice recorders. Eyes->high scale image scanners/cameras. What's next? Brain scanners? I'M happy with rotating passwords of 16+ chars thanks.

unblocked

[tamara346]

more unlocked and unblocked information in http://unblockedgames7788.weeb...

Re:Something you have AND SOMETHING YOU KNOW

[rodrigoandrade]

Something you have
Something you know
Something you are

Your iris is only one of them, therefore the system isn't too secure.

So much for the movie drama

[wizkid]

No more Movies with people popping the eyeballs out to get past the biometric's. No Wait, This is Hollywood. Nevermind.....

Re:You must understand that the average petty thie

[Geoffrey.landis]

Of course not. The average thief would just purchase the hacked irises and fingerprints on the internets, where they are for sale by people who are professional at stealing irises and fingerprints. Just like today there are people professional at stealing credit card numbers, and different people who actually buy the stolen credit card numbers to use.

Re:Something you have AND SOMETHING YOU KNOW

[geekmux]

A halfway solution is not a solution.

The only solution identified to solve for was removing the effort normally required to authenticate to your smartphone.

Biometrics was created to meet the needs of the lazy generation.

Re:You must understand that the average petty thie

[ledow]

The average petty thief isn't guessing a four-digit PIN that locks out after too many attempts either.

Anyone with a basic modicum of security realises that what you're paying for is a VERY VERY VERY expensive way to tap in four digits automatically.

But at least you have to give up the PIN, whereas your iris scan can be taken from you without your knowledge. And I'm sure a non-petty thief (i.e. a guy on a moped swiping phones from city centres all day long) would love to have a way to turn your lock screen off to get the full resale value rather than a useless brick. Whether that be from fingerprints on the screen itself or an accomplice's selfie of you just before he nicks your phone.

But think more of: You're at an airport, in the middle of nowhere. And a cop demands you unlock your phone. He could just get you to look in it. Or he could have to force a four-digit passcode from you, and/or get a warrant.

Surely protecting against the former makes sense in any security situation, especially when even Apple refuse to help the FBI unlock people's phones.

Security vs Convenience

[green1]

I think by now everyone on Slashdot knows that biometrics provide very little actual security. That said, they do provide a very real solution to a very real problem. My phone has too much information on it to leave completely unprotected, but at the same time, I unlock it so many times a day that entering a long and complex passphrase each time is impractical.
Now that said, the phone situation is also not like any other computer security issue either. I pay pretty close attention to where my phone is at all times, and that place is usually on my person. So it could be argued that it doesn't need as much security. It is in very real terms not much different that way from my wallet, and a thief doesn't need to pass any authentication at all if he steals my wallet, and that contains not only cash and credit cards, but also my ID, which would be enough to steal my whole identity.

I see the fingerprint authentication on my phone as being enough to stop my toddler from doing too much harm to my settings, or my friends from pranking me at the bar, it's also enough to foil the vast majority of casual pickpockets. It won't protect me against any government agency, or dedicated crime syndicate, but really, who am I fooling, neither of those groups is going to care about my phone, and if they do, there's no authentication I could put on it that will actually provide real protection from them (between "rubber hose" attacks, and whatever hacking tool they've found and not released yet)

Now if I was asked to use biometrics to authenticate my car, house, workplace, or bank account, I'd object a lot more, after all, those things are often left unattended, and the incentive for a malicious party to get in to them is much higher than my phone.

Re:Security vs Convenience

[swillden]

I think by now everyone on Slashdot knows that biometrics provide very little actual security.

It depends on the context and on the details of the biometric system. Of course, this is *always* true; "security" not only isn't a boolean, it's not even a continuum. It's an n-dimensional tensor. To determine what security you have, you have to think about the avenues of attack, the nature of likely attackers and the risk that you're trying to protect against.

For example, it would be fine to use a fingerprint sensor to control access to a nuclear missile silo. The fingerprint sensor wouldn't be the only element of the security system, but it would be perfectly reasonable to use as a method to authenticate an authorized individual... as long as the system ensures that faking fingerprints is extremely difficult. Given an armed guard who is trained to spot fake finger overlays, and with instructions to detain or kill anyone who attempts to subvert the system, the security level would be quite high.

In fact, nuclear weapon security *does* rely on biometric authentication, but it's normally the old-fashioned face recognition kind, where one human attempts to match another human's face against a small photo on a plastic card. Fingerprint scanners are harder to fool than that, assuming the guard doesn't know the entrant personally.

Of course, we're talking about biometric scanners in consumer devices, where the attacker has complete freedom to try anything he likes to fool them. That's a different context.

That said, they do provide a very real solution to a very real problem. My phone has too much information on it to leave completely unprotected, but at the same time, I unlock it so many times a day that entering a long and complex passphrase each time is impractical.

Yes, this is the reason biometric authentication on phones is a good idea. Now, if you have really important data on your phone a fingerprint may still not be good enough. You have to decide.

I see the fingerprint authentication on my phone as being enough to stop my toddler from doing too much harm to my settings, or my friends from pranking me at the bar

It's worth pointing out that against your friends and family, a fingerprint is probably more secure than a simple password (or PIN or pattern; they're all passwords). Unless you have unusual friends or family, it's very likely that they would find shoulder surfing much easier than manufacturing a fake fingerprint, even though they have ready access to your prints.

it's also enough to foil the vast majority of casual pickpockets

Here's an area where iris authentication may be better than fingerprint. A phone thief who is willing to go to the effort of manufacturing gummi fingers to fool fingerprint scanners is likely to be able to lift a copy of your fingerprints off of the surface of your phone. He's less likely to be able to get an infrared photograph of your eye.

Now if I was asked to use biometrics to authenticate my car, house, workplace, or bank account, I'd object a lot more

Are you sure your phone isn't a key to any of those things? Odds are good that it *is* a key to your bank account.

Re:Security vs Convenience

[green1]

Are you sure your phone isn't a key to any of those things? Odds are good that it *is* a key to your bank account.

I think you misunderstood my point. The point is that my phone is "guarded" by me, and doesn't get left unattended in random parking lots like my car, left alone for hours or days at a time like my house, or completely unsupervised (by me) like my bank.

If someone wants to steal my car, they are far better to grab my key fob than my phone, they're both in the same pocket, but one requires no authentication, while the other requires a fingerprint. Same idea for my money, they could take my phone, unlock it with a fake fingerprint, then enter the pin number they shoulder surfed earlier on the banking app, or they could just swipe the credit card from my wallet in my other pocket.

I'm not saying my car/home/bank need higher security than my phone does, (because as you rightly point out, the phone accesses those very things) I'm saying that the fact that my phone is being carried by me adds to the security beyond what the fingerprint provides.
Maybe I should clarify. If my new car came with a key fob with a fingerprint reader built in, that would increase the security. However if it came with a fingerprint reader on the driver's door instead of a keyfob, that would decrease the security. Same idea with the house, if there was a fingerprint reader integrated in to my key, the security would be increased, if the deadbolt used a fingerprint instead of a key, the security would be decreased. For the bank, if there was a fingerprint reader integrated in to the credit card, security increases, if you use a fingerprint instead of your card, security is decreased.

As for iris being better than fingerprint. Yes and no. I suspect that the speed and accuracy of the fingerprint scanner adds more to it's convenience than the iris scanner, along with an immunity to sunglasses, bright glare, etc. Additionally, despite leaving my prints on my phone, the odds of retrieving one that is clear enough to work with are relatively low. Especially being that my phone was built before the obsession with high gloss backplates that make it impossible to hold on to your phone and hold fingerprints well.

Re:Security vs Convenience

[swillden]

I think you misunderstood my point.

I did. Thanks for the clarification.

As for iris being better than fingerprint.

And I think you misunderstood mine :-).

I wasn't claiming that iris is generally better than fingerprint, I was saying that it's likely more secure against penetration by a phone thief. Security is context-dependent, and in that context iris is probably harder to get past than fingerprint. Iris is probably less secure than fingerprint against friends and family, who probably have many high-quality photographs of your eyes, and can easily get more.

I suspect that the speed and accuracy of the fingerprint scanner adds more to it's convenience than the iris scanner

Perhaps. If the iris scanner is extremely good and fast it could actually be more convenient than fingerprint. Suppose that all you had to do was to point your phone vaguely in the direction of your face (as you must do to look at it), and it unlocked in 50 ms (instantly, from a human perspective).

Additionally, despite leaving my prints on my phone, the odds of retrieving one that is clear enough to work with are relatively low.

Not as much as you might think. A couple of guys on my team tested Nexus 4, 5 and 6 a couple of years ago, and found that all three of them captured great fingerprints that could be recovered by shining a light on the device at the correct angle and taking a photograph with another phone. The N5 and N6 were actually better than the N4, even though the N4 has a glass back. Smooth plastic seems to hold fingerprints better than glass, even though they're less visible. They tend to smudge a little more easily on glass, I think.

Re:Security vs Convenience

[green1]

I shy away from anything with smooth plastic as I like to be able to hold on to my phone without dropping it. My note4 has a textured back. Easier to hold and doesn't hold prints either. The fascination with smooth backs on phones is a disaster in every regard.

Re:Security vs Convenience

[swillden]

In fact, nuclear weapon security *does* rely on biometric authentication, but it's normally the old-fashioned face recognition kind, where one human attempts to match another human's face against a small photo on a plastic card. Fingerprint scanners are harder to fool than that, assuming the guard doesn't know the entrant personally.

One human attempts to match another human's face against a small photo on a computer screen that's been signed by a DOD crypto key. That's a little harder to fool than a fingerprint scanner. Fingerprint overlays are easier to fake and conceal than convincing masks.

The digital signature confirms that the face in the photo is authorized. It does nothing to improve the human's ability to match live face against photo. In the fingerprint case, something analogous to that digital signature is also required. It could be a digitally-signed fingerprint template, or it could be that the template is retrieved from a secure database.

This highlights one aspect of biometric matching systems that I haven't mentioned in these threads: It's crucial to be sure that the template you're matching against is the right one. This is also essential for password authentication; if the attacker can alter the password database and replace the real password with one of his choice, he can get in.

Back when I worked on nuclear security, BTW, we didn't have digitally-signed photos. Instead, we used a dual-badge system. Two copies of each authorized badge were issued, in different colors. One was given to the authorized person, the other was stored in a secure area at the entry checkpoint. When someone came to the checkpoint, the guard took the person's badge and retrieved the duplicate from the secure area, then compared them. If they were identical, and the photo matched the person, the person was given the badge from the secure storage and allowed to enter. Upon exiting, the badges were swapped back.

In that case, the stored duplicates provided the verification of authenticity, and also provided an easy way to see who was inside at any given time. The digital signature on the photo stored in the CAC card's chip provides verification of authenticity. Presumably a database is now used to track who is inside.

Biometrics are a joke

[OneHundredAndTen]

Time and again, they have been shown to be much easier to subvert than people thought and, worse, once compromised, they can't be repudiated - imagine getting new fingerprints or a new iris.

Re:Not impressive

[sexconker]

I've never seen such a requirement, but I guarantee you it would be trivial to trick. I bet you could simply place your index and middle finger in front of the fake iris model and make a scissoring motion when it asks you to blink.

Re:Not impressive

[green1]

If they can fake the iris, don't you think they could figure out how to fake an eyelid closing?

Patent litigation in 3.2.1

[billybob2001]

Apple lawyers are getting ready to sue, since hearing that Samsung are infringing on the eyePhone.

Something you have plus something you know

[mrun4982]

Such a simple concept that so many companies/people, like Apple and Samsung, just don't understand who true it is. Finger prints, your eye balls, etc are usernames, not passwords.

Simon Phoenix

[CrAlt]

Simon Phoenix already figured out how to bypass retina locks with nothing but a pen.

  Howto video:
https://youtu.be/CbM--4-z0cs

Be Well

What's the big deal?

[sootman]

Just follow current best practices and change your iris every 90 days.