Difference between revisions of "Biometric Attribute"
From MgmtWiki
(→Full Title or Meme) |
(→Problems) |
||
(12 intermediate revisions by the same user not shown) | |||
Line 4: | Line 4: | ||
==Context== | ==Context== | ||
*[[Biometric Attribute]]s are taken to be exclusively the measure of human characteristics like fingerprint, facial and behavior patterns. | *[[Biometric Attribute]]s are taken to be exclusively the measure of human characteristics like fingerprint, facial and behavior patterns. | ||
+ | *The human characteristics are another factor that can be a part of [[Multi-factor Authentication]]. | ||
+ | *So the human characteristics can be considered to be a [[Credential]]. | ||
+ | *The measurements of the characteristic are compared against a template of the characteristics using some [[Assurance]] level to produce a [[Validated]] claim. | ||
==Problems== | ==Problems== | ||
− | *False positives | + | *False positives typically come from either relaxed testing, environmental noise or obsolete technology. |
− | *False negatives | + | *False negatives infuriate [[User]]s which is why false positives are tolerated. |
− | *Attacks against the sensor capabilities. | + | *Attacks against the sensor capabilities. Various movie and television plots have shown the attacks like taking someone's eyeball, or using a thin-film replica of a finger print to complete an [[Authentication]] which [[Authorization|Authorizes]] access. |
+ | *Attacks against the template store. Access to the [[Authentication]] data store can often be the simplest attack as it is based on known techniques. | ||
+ | *[[Biometric Attribute]]s attached to official documents may inadvertently become [[Biometric Identifier]]s which invade the user's privacy. See the wiki page [[Biometric Identifier]] for user cases where that has damaged a user's life. | ||
==Solutions== | ==Solutions== | ||
+ | * ISO 30107-3:2017 describes testing of [[Biometric Attribute]] presentations. | ||
+ | * The first Level 1 rating in the NIST/NVLAP-certified iBeta Presentation Attack Detection (PAD) Certification test was granted on (2018-09-23) to [https://www.zoomlogin.com/ facetec]<ref>Planet Biometrics, ''FaceTec notes achievement in anti-spoofing test.'' (2018-09-23) http://www.planetbiometrics.com/article-details/i/7463/desc/facetec-notes-achievement-in-anti-spoofing-test/</ref> | ||
==References== | ==References== | ||
[[Category:Glossary]] | [[Category:Glossary]] |
Revision as of 12:49, 30 December 2018
Full Title or Meme
Biometrics are literally the measures of the biologic phenotype of a User.
Context
- Biometric Attributes are taken to be exclusively the measure of human characteristics like fingerprint, facial and behavior patterns.
- The human characteristics are another factor that can be a part of Multi-factor Authentication.
- So the human characteristics can be considered to be a Credential.
- The measurements of the characteristic are compared against a template of the characteristics using some Assurance level to produce a Validated claim.
Problems
- False positives typically come from either relaxed testing, environmental noise or obsolete technology.
- False negatives infuriate Users which is why false positives are tolerated.
- Attacks against the sensor capabilities. Various movie and television plots have shown the attacks like taking someone's eyeball, or using a thin-film replica of a finger print to complete an Authentication which Authorizes access.
- Attacks against the template store. Access to the Authentication data store can often be the simplest attack as it is based on known techniques.
- Biometric Attributes attached to official documents may inadvertently become Biometric Identifiers which invade the user's privacy. See the wiki page Biometric Identifier for user cases where that has damaged a user's life.
Solutions
- ISO 30107-3:2017 describes testing of Biometric Attribute presentations.
- The first Level 1 rating in the NIST/NVLAP-certified iBeta Presentation Attack Detection (PAD) Certification test was granted on (2018-09-23) to facetec[1]
References
- ↑ Planet Biometrics, FaceTec notes achievement in anti-spoofing test. (2018-09-23) http://www.planetbiometrics.com/article-details/i/7463/desc/facetec-notes-achievement-in-anti-spoofing-test/