Skip to main content

Biometrics - Spoofing and Liveness Detection


Last November I examined the issue of spoofing and liveness detection from the view point of the trade-off between False Acceptance/False Match (FA/FM) and False Rejection/False Non-Match (FR/FNM). I bring it back in view of the yet bigger noises around fruitless arguments.

Below is the conclusion.

Spoofing is another factor to raise FA/FM rates and Liveness Detection is another factor to raise FR/FNM rates; the presence of FR/FNM forcing the users to rely on a fallback measure, a default password/pincode in most cases, which brings down the overall security to the level lower than the authentication by a default password/pincode alone.

That’s all.

Click the link for more - https://www.linkedin.com/pulse/spoofing-liveness-detection-biometrics-hitoshi-kokumai/


Comments

Post a Comment

Popular posts from this blog

Expanded Password System to Complement FIDO2

2 is larger than 1 but is not necessarily stronger than 1, as two children could be overwhelmed by a grown-up. For a two-factor authentication to be really reliable, each factor should be reasonably secure and usable enough. On the other hand, ‘password-less’ authentication, however attractive it might sound, would only benefit bad guys as examined in the link page - https://www.linkedin.com/pulse/removal-passwords-its-security-effect-hitoshi-kokumai/ People who offer a token as 'a factor' of two factor authentication schemes could all be viewed as our potential down-stream partners. Among them are the people who offer FIDO2-compatible solutions. Put together, we could come up with the two-factor authentications that are much more reliable than otherwise.
Post a Comment
Read more

‘Authenticators’ and ‘Deployment of Authenticators’

There are not a few security professionals who wrongly mix up the layer of ‘authenticators’ with that of ‘deployment of authenticators’, talking as though the former and the latter were competing each other, for example, ‘Multi-Factor Authentication is better than a password’ and ‘ID federation is better than a password’. The password is an ‘authenticator’. So are the token and biometrics. Whereas MFA and ID federation like FIDO and Open ID are ‘deployment of the authenticators’ Expanded Password System is to be found on the layer of 'authenticator', while the likes of Open ID and FIDO are all to be found on the upper layer of 'deployment of authenticators' and, as such, the likes of Open ID and FIDO could naturally be our down-stream partners. There are also some people who wrongly allege that removing an authenticator should increase security.   They are plainly misguided as examined here – “Removal of Passwords and Its Security Effect” https://www.linke
Post a Comment
Read more

Quest for Global Ubiquity

We wish to make our Expanded Password System solutions readily available to all the global citizens: rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster. For achieving such global ubiquity, we will need more and more research into such diverse disciplines as psychology, sociology, behavioural economics and brain science in addition to cryptography, safe coding and other security technologies. Your shout would be welcomed if you happen to know researchers who may be interested to include the issue of ‘identity assurance by our own VOLITION and MEMORY’ in their study subjects or if you yourself are interested to join us. We will shortly launch the global operation of promoting Expanded Password System from our headquarters set up in UK and this research program, which should naturally be international, is to play a significant role in it. Linked is my article posted 6 years ago, which might indicate an aspect of what we
Post a Comment
Read more