Outsmart fakes

October 2014 Access Control & Identity Management

Many biometric readers claim to offer the ability to defend against fake fingerprints and to ensure only live prints, i.e. those attached to a human body are accepted, but not all deliver the goods. Here are five pointers on the concept of avoiding fingerprint spoofing in order to gain the best value for money from your biometric system.

1. Enrolment: True fake finger detection starts at the enrolment process. When recording or enrolling users’ fingerprint templates on the system, it is vital that the person tasked with managing the process is ethical, trustworthy and sufficiently certified or trained. An enrolment officer who allows users to enrol a rubber fingerprint is as dangerous as a network administrator who allows virus-ridden adult websites through the corporate firewall.

2. Optional fake finger detection: Not all biometric solutions offer lens based fake finger detection as standard. This is often a feature which needs to be specified at the proof-of-concept stage in a project to ensure that this optional functionality is included from the outset.

3. Finger and vein print combination: Fake finger detection doesn’t get much better than a device which offers vein and fingerprint biometrics in a hybrid reader as standard. A vein network can be read using unique reference points, which are virtually impossible to duplicate.

4. Fake ‘fake’ finger detection: Be cautious of vendors who offer rubber fingerprints as standard marketing gimmicks to enrol on biometric readers. Not only is this approach detrimental to the integrity and security of the identity industry, it is also a desperate measure to promote products which do not comply with international latent print best practice. Often the so-called ‘fake finger’ or ‘liveness’ detection on these products can be easily bypassed by holding a live finger on the edge of the sensor screen area to satisfy the capacitive circuitry and presenting a fake finger on the rest of the sensor screen.

5. International best practice: Vendors who dismiss the FBI standard as an irrelevant North American certification that does not apply to Europe or Africa are not only ill informed, but are also unscrupulous and unethical. The FBI standard is an internationally recognised minimum requirement for systems that are used in law enforcement and civilian identification.

If your biometric solution is FBI certified, it means that the electronic fingerprint record is an accurate representation of the actual latent fingerprint. Would you allow someone to record your name as Donald Duck on a database? If not then why allow them to inaccurately record your fingerprint on a biometric database. Worse still, if your bank uses fingerprint readers which do not comply with FBI standards, they may be opening themselves to widespread identity fraud and risk.

Also be extremely cautious of vendors who claim that their products are FBI certified when in reality only one or two of their product lines is certified and are not commercially available, while the reader model which they are offering you is not FBI certified.

Following these five rules will ensure that your choice of biometric reader makes it all the more difficult for those with nefarious intent to bypass the biometric processes you have in place to secure assets.

For more information contact Ideco Biometric Security Solutions, 086 104 3326, contact@ideco.co.za , www.ideco.co.za


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.

IAM has business on high alert
August 2019 , Access Control & Identity Management
Identity and Access Management (IAM) is now a must in commerce and the need to protect digital assets is driving the development of solutions and widespread adoption

Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.