Keeping an eye on intruders

Sep 04, 2008

Electronic fingerprinting, iris scans, and signature recognition software are all becoming commonplace biometrics for user authentication and security. However, they all suffer from one major drawback - they can be spoofed by a sufficiently sophisticated intruder. Writing in the International Journal of Biometrics, Japanese researchers describe a new approach based on a person's reflexes that could never be copied, forged, or spoofed.

Masakatsu Nishigaki and Daisuke Arai of Shizuoka University, Japan, explain how the use of biometrics for user authentication is becoming increasingly widespread. "Biometrics makes it possible to authenticate a person accurately," they say.

A digital fingerprint pad hooked up to a computer, for instance, can provide access to online resources only to specific individuals based on their unique fingerprint. Signature recognition allows a person to receive information or goods only if their signature matches the imprint held in a database. Iris scanning technology identifies a person and allows them access to a building only if they have authorization. There are several other biometrics in development, based on the pattern of blood vessels in the retina or skin and other such phenomena.

"However, biometric information can easily be leaked or copied," the researchers point out. "It is therefore desirable to devise biometric authentication that does not require biometric information to be kept secret."

To this end, the team has turned to one phenomenon that cannot be spoofed - a person's unique reflex responses. They point out that even if a person's pattern of reflex characteristics were revealed to a malicious third-party, they would not be able to replicate them adequately to impersonate the authorized individual. Reflexes by their very nature are beyond conscious control.

Nishigaki and Arai have turned to blind spot position and the so-called saccade response for their biometric. The blind spot, or scotoma, is a fixed region on the retina of the eye where the optic nerve bundle and blood vessels pass from the eyeball into the brain and so no image can be produced here. The position of the blind spot can be determined relative to the direction of gaze. Saccade response is the repeated, tiny, left-to-right movements made when our eyes track something moving right to left, and vice versa.

If physiological biometric information, such as blind spot, were used alone, Nishigaki adds, the possibility remains that an impostor could use surgery or an ingenious contact lens to change the shape of their own eyeball, and be successful in impersonating someone else. Blind spot alone would be no more sophisticated than iris recognition.

By using the blind spot position as a trigger to induce saccades, user authentication can be done by displaying a target within and outside the person's blind spot and using eye tracking technology to measure the reflex time taken until eye movements occur. Each pattern of responses will be unique to the individual.

An authentication system of this type could not be spoofed even if the attacker were to use sophisticated materials, equipment, or even surgery. "Our method transforms differences in physiological biometric information (blind spot) into "differences in human reflexes (saccade) and uses it for authentication," Nishigaki says.

The team has also now published a second version of the reflex-based user authentication that uses blind spot position and pupil contraction and a third version that uses vergence, or crossing, eye movements. These papers have been published in the scientific literature in Japan.

Source: Inderscience Publishers

Explore further: Shopping 'mega-jams' have brought cities to a halt for decades

add to favorites email to friend print save as pdf

Related Stories

NASA develops key to cosmic carbon's molecular evolution

May 14, 2013

(Phys.org) —Scientists at NASA's Ames Research Center, Moffett Field, Calif., now have the capability to systematically investigate the molecular evolution of cosmic carbon. For the first time, these scientists ...

WikiLeaks: We don't know source of leaked data

Jul 28, 2010

(AP) -- WikiLeaks' editor-in-chief claims his organization doesn't know who sent it some 91,000 secret U.S. military documents on the Afghan war, telling journalists the website was set up to hide the source ...

NAC Attack: Today's Products Will Fail, Report Says

Apr 07, 2007

Vendors say modern NAC products will fall by the wayside in favor of software-based technologies that manage risk by integrating endpoint security, access control, identity and risk management.

Recommended for you

Report: FBI's anthrax investigation was flawed

Dec 19, 2014

The FBI used flawed scientific methods to investigate the 2001 anthrax attacks that killed five people and sickened 17 others, federal auditors said Friday in a report sure to fuel skepticism over the FBI's ...

Study reveals mature motorists worse at texting and driving

Dec 18, 2014

A Wayne State University interdisciplinary research team in the Eugene Applebaum College of Pharmacy and Health Sciences has made a surprising discovery: older, more mature motorists—who typically are better drivers in ...

Napster co-founder to invest in allergy research

Dec 17, 2014

(AP)—Napster co-founder Sean Parker missed most of his final year in high school and has ended up in the emergency room countless times because of his deadly allergy to nuts, shellfish and other foods.

LA mayor plans 7,000 police body cameras in 2015

Dec 16, 2014

Mayor Eric Garcetti announced a plan Tuesday to equip 7,000 Los Angeles police officers with on-body cameras by next summer, making LA's police department the nation's largest law enforcement agency to move ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

DGBEACH
2 / 5 (1) Sep 04, 2008
...and I suppose that a "robotic face" could not be programmed to exactly copy a person's reactions to stimuli...please...better yet, you could spoof this with a small photo-sensitive OLED display hooked up to a simple laptop any day of the week!

True DNA detection is the ONLY real way to ID someone.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.