Saturday, June 14, 2008

Altering biometric images enhances security



BOSTON: A trick reminiscent of a fun-house mirror might improve the security and privacy of the access-control technology that examines fingerprints, facial features or other personal characteristics.
In such systems, known as biometrics, a computer generally reduces an image to a template of ``minutia points'' — notable features such as a loop in a fingerprint or the position of an eye. Those points are converted to a numeric string by a mathematical algorithm, then stored for later analysis. But those mathematical templates, if stolen, can be dangerous.
So researchers have developed ways to alter images in a defined, repeatable way, so that hackers who managed to crack a biometric database would be able to steal only the distortion — not the true, original face or fingerprint. Charles Palmer, head security researcher for International Business Machines Corp., believes biometric fraud will become more sophisticated — and problematic.
IBM's solution is to make biometric readers distort the image before it is scanned.
For example, a face might be made to appear lumpy, or squished up around the eyes.
Then a template of the distorted image would be stored.
When someone returned to the scanner, the real-life image would be transformed according to the same patterns, creating a match with the tweaked image in the database.
The original image is not stored anywhere. And even if hackers could obtain the altered biometric, it would be of limited use as long as individual organisations maintained their own formulas for transforming images before scanning.

— Courtesy AP

No comments: