Navigation path



Published: 28 August 2014  
Related category(ies):
Information society  |  Video reports  |  International cooperation  |  Security  |  Success stories


Countries involved in the project described in the article:
China  |  Finland  |  France  |  Italy  |  Spain  |  Switzerland  |  United Kingdom
Add to PDF "basket"

Behind the mask of biometric security

How reliable is biometric security? Computers recognize us by our faces, voices and fingerprints, but can we trick them by pretending to be someone else? In this edition of Futuris Denis Loctier finds out just how easily this can be done.

Photo of a man
Video in QuickTime format:  ar  de  el  en  es  fa  fr  hu  it  pt  ru  tr  uk  (9.9 MB)

Facial recognition is sometimes used instead of passwords for secure computer access. But if an intruder uses a mask, some biometric systems can be tricked into letting him in.

Computers rely on complex algorithms to learn and recognize our faces. However, systems of biometric identification can be surprisingly easy to get around.

A European research project is studying weaknesses in biometric systems in order to make them more secure. The problem for Sébastien Marcel, researcher in biometrics, at the Idiap research institute is that “biometric systems most effective at recognising a person are also potentially the most vulnerable. Every time there is a new attack we have to develop a new counter measure. So there’s still quite a bit to do before we understand why biometric systems are vulnerable.”

Realistic masks are the latest challenge to facial recognition systems. Until recently, infiltrators used photos or videos of the targeted person’s face. Software developed by the researchers prevents such attacks.

Movement is a key element, according Nesli Erdoğmuş, a researcher in 3D face recognition at Idiap: “Firstly, there’s eye blink detection: the software can ask the user to blink at the right moment. That makes it impossible to log in by just showing a portrait of the person to the camera. Another countermeasure is motion detection: a printed face and a real face don’t move in the same way.”

Researchers are working on a further feature that would analyse skin texture. That should allow their biometric software to distinguish a real face from a realistic mask. It seems facial recognition still needs some work, but are fingerprints more reliable?”

Fingerprint patterns are often considered a perfectly secure method of identification – but researchers at the University of Cagliari in Italy have shown that that is not always the case.

Gian Luca Marcialis, a researcher in pattern recognition at the university’s UNICA PRA laboratory says: “Recent studies have shown that it’s possible to con fingerprint systems with artificial fingers, which can be made with material easily bought in a supermarket.”

A fingerprint left on some surfaces, such as glass, can be copied and reproduced within minutes. The quick and cheap process involves making a gum fingertip and replicating the skin pattern of the original. Incredibly, many fingerprint scanners don’t see the difference.

“We can choose a fingerprint stored in the system and use its replica to get an almost perfect match,” says Marcialis.

The proposed solution is so-called ‘liveness assessment’ which, when activated, rejects the scanned fingerprint if the skin texture appears too artificial, as Marcialis explains: “our system measures two things: the pattern match score and the liveness score. So even with a very accurate fake fingerprint an impostor won’t be able to pass through security.”

Despite the successes, keeping one step ahead of the fraudsters is keeping biometrics experts on their toes.

Project details

  • Project acronym:TABULA RASA
  • Participants:Switzerland (Coordinator), Finland, France, Italy, Spain, UK, China
  • FP7 Project N° 257289
  • Total costs: €5 692 474
  • EU contribution: €4 095 417
  • Duration:November 2010 - April 2014

Convert article(s) to PDF

No article selected


Search articles

To restrict search results to articles in the Information Centre, i.e. this site, use this search box rather than the one at the top of the page.

After searching, you can expand the results to include the whole Research and Innovation web site, or another section of it, or all Europa, afterwards without searching again.

Please note that new content may take a few days to be indexed by the search engine and therefore to appear in the results.

Print Version
Share this article
See also

Futuris, the European research programme - on Euronews. The video on this page was prepared in collaboration with Euronews for the Futuris programme.

Project web site

Project information on CORDIS

Unit A1 - External & internal communication,
Directorate-General for Research & Innovation,
European Commission
Tel : +32 2 298 45 40
  Top   Research Information Center