Researchers hack facial biometrics

Powered by SC Magazine
 

Researchers in Vietnam will be demonstrating how to hack facial recognition biometrics at the Black Hat security convention currently underway in the US.

Researchers in Vietnam will be demonstrating how to hack facial recognition biometrics at the Black Hat security convention currently underway in the US.

Nguyen Minh Duc, head of the application security department at the Bach Khoa Internetwork Security Center at Hanoi University of Technology, will be demonstrating how to beat the facial recognition systems built into some Lenovo, Toshiba and Asus laptops.

The systems use the laptop’s built-in webcam to take a picture of the user’s face, so that it can be used instead of a fingerprint or password to access the device. But according to Duc this system can be beaten in a variety of ways.

“The mechanisms used by those three vendors haven’t met the security requirements needed by an authentication system, and they cannot wholly protect their users from being tampered,” he said.

“There is no way to fix this vulnerability. ASUS, Lenovo, and Toshiba have to remove this function from all the models of their laptops … [they] must give an advisory to users all over the world: Stop using this [biometric] function.”

The researchers used the obvious method of showing the camera a picture of the registered user and this was reasonably successful. However the system could also be bypassed by showing the camera pictures of other people’s faces after playing around with light and shade settings.

Duc will be showing how to beat Lenovo's Veriface III, Asus' SmartLogon V1.0.0005, and Toshiba's Face Recognition 2.0.2.32 using these techniques.

Copyright ©v3.co.uk


 
 
 
Top Stories
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
 
Data: Advertising's best frenemy
STW Group's Tom Ceglarek faces a digital conundrum: he must feed his client's demand for performance insights while his industry is being undermined by data analysis.
 
Inside Telstra's multi-faceted cloud strategy
An overview of its own cloud and deals with Cisco, VMware, IBM and NextDC.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2131

Vote