Government Computer News
Is it live, or is it ... latex?
In the 2004 film “National Treasure,” the character played by Nicholas Cage surreptitiously steals a wineglass that had been used by the curator of the National Archives and in a matter of minutes creates a replica of her fingerprint. He uses the image to get past security measures protecting the Declaration of Independence and steals the document in order to look for a treasure map on the back.
Digg
De.licio.us
Slashdot
Technorati
Faking it
The rest of the movie’s plot might be outlandish, but finding a way to fake someone else’s fingerprints is not.
“The scene portrayed in ‘National Treasure’ is feasible, though not in that time frame,” said Chet Hosmer, president and chief technology officer of WetStone Technologies Inc. of Cortland, N.Y. Using a fingerprint replicated on a small, oval piece of thin latex film, Hosmer demonstrated for GCN how easy it can be to fool current fingerprint readers.
He simply fitted the replica to his own finger, fixing it in place with a small dab from a glue stick, then put the fake fingerprint on the scanner and clicked OK on the computer monitor. And it worked—he gained access to the supposedly secure computer.
The prospect of being able to spoof fingerprints is disturbing because government agencies and industry alike have been moving to incorporate biometrics into a variety of systems that require identity authentication.
Classified facilities at military bases could have fingerprint readers that verify a person’s identity before he or she can enter. The Homeland Security Department is planning to include fingerprint biometrics in its U.S. Visit program; visitors to this country will have to get their fingerprints scanned to confirm their passports.
Companies are looking for ways to incorporate fingerprint biometrics as part of security measures. Many notebook PCs include built-in fingerprint readers so users can log on without passwords.
In short, not being able to trust fingerprint verification carries significant risk.
The Defense Department’s Biometrics Management Office is aware of growing concerns about the possibility of spoofing fingerprints, too.
“Biometric spoofing techniques have garnered some public attention. We are aware of these, and of the industry response to integrate liveness [ways of verifying live tissue as opposed to a replication] and other safeguards,” said Joseph Guzman, acting BMO director.
| |||
| Latest News |  WashingtonTechnology.com |
FCW.com |
|
GCN.com
The latest technology news from GCN.com
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
 |
![1105 Government Information Group [justice]](/images/1105logo_website.gif "Government Computer News [justice]")
© 1996-2008 1105 Media, Inc. All Rights Reserved.
