Mirror Mirror on the Wall Is Facial Recognition the Best - - PowerPoint PPT Presentation

mirror mirror
SMART_READER_LITE
LIVE PREVIEW

Mirror Mirror on the Wall Is Facial Recognition the Best - - PowerPoint PPT Presentation

Sep 03, 2023 17 likes •272 views

Mirror Mirror on the Wall Is Facial Recognition the Best Authenticator of All? Biometrics in the News This Month August 8 th Facebook looses appeal, is now eligible for class- action lawsuit against facial recognition. August 14 th

slide-1
SLIDE 1

Mirror Mirror

  • n the Wall

Is Facial Recognition the Best Authenticator of All?

slide-2
SLIDE 2
  • August 8th – Facebook looses appeal, is now eligible for class-

action lawsuit against facial recognition.

  • August 14th – Reports hit on the Bio Star 2 data breach of over

27.8 million records, that include biometric data.

  • August 16th - Information Commissioner’s Office in the U.K.
  • pen up an investigation over facial recognition use in

London’s Kings Cross.

  • August 6th, 19th, - Increasing calls from known politicians on

facial recognition bans or limited use.

Biometrics in the News This Month

slide-3
SLIDE 3

Your car or you?

In 2005 Malaysian accountant K. Kumaran loses more than his new car: thieves cut off his index finger to get around the hi-tech security system of his S-class Mercedes.

Biometrics: Bad News or Brilliant Solution?

Finding what was lost

In April of 2018, the police of New Delhi, India, implemented facial recognition technology. Running a test, the technology identified 3000 children reported missing in only four days.

slide-4
SLIDE 4

The Growing Use of Biometrics Here in Canada

Facial Scan Shopping

▪As of July 2018, Cadillac Fairview discovered using facial scanners at mall kiosks. ▪Company argues collecting age, gender, monitoring traffic only. ▪Privacy Commissioner of Canada now investigating.

Banking on Biometrics

▪Four Directions Financial in Edmonton ▪ Using retina scanning and fingerprint ID to secure bank accounts for homeless account holders.

slide-5
SLIDE 5

The Tech that Lays the Golden Eggs

What is Biometric Authentication and why is it So Popular

slide-6
SLIDE 6

What Are Biometrics?

What Is the Relation to Facial Recognition (FR)?

Biometrics: statistical measurement and calculations made from the body. Biometric authentication: taking the these numbers and uses them to verify the individual. Facial Recognition: takes the image or scanning of the face, and converts it into quantifiable features. One of the growing and more popular types

  • f biometric authentication.
slide-7
SLIDE 7

How Does Biometric Authentication Work?

slide-8
SLIDE 8

What about Authentication vs. Identification?

1 : 1 1 : M

slide-9
SLIDE 9

Why Would an Organization Use Biometrics?

Convenience

▪Something You Are

authentication

▪Look ma, no

passwords!

▪Some can work

without conscious input.

Security

▪Harder to fool or steal

than passcodes.

▪More secure than

many conventional systems

Usability

▪Minimal learning curve

for users.

▪Some biometrics very

easy to scan and obtain,

  • esp. Facial Recognition.
slide-10
SLIDE 10

Want to Try Biometrics?

You’ve Got Lots of Options From current trends..

▪Facial Recognition ▪Fingerprint Recognition ▪Hand Geometry ▪Iris & Retinal Scanning ▪Voice Recognition

….to the future

▪Blood Pulse ▪Body Salinity ▪Facial Thermography ▪Swear Pore Analysis ▪Body Oder ▪Gait ▪Brain-Wave Pattern ▪Foot Dynamics ▪Skin Luminescence

slide-11
SLIDE 11

The Big Bad Wolf at the Door

Problems with biometric authentication

slide-12
SLIDE 12

The Innate Bane of Biometric Systems

▪Beware of False Positives and False Negatives ▪The human factor: measurements will vary ▪Too detailed and it fails; too flexible and it fails.

Bottom line: there is no way to get a biometric scanner to work 100% of the time.

slide-13
SLIDE 13

Other Innate Problems to Be Aware Of

▪Function creep & privacy invasion ▪Ethnic demographics and compatibility ▪Consequences of false negatives ▪Cost ▪Once data is stolen, it can’t be reused!

slide-14
SLIDE 14

Biometric System Vulnerabilities (Visual)

  • 1. Present fake biometrics to the sensor
  • 2. Resubmitting previously stored data
  • 3. Overriding feature extraction
  • 4. Tampering with the biometrics

feature representation

  • 5. Corrupt the macher
  • 6. Tampering with stored templates
  • 7. Attaching the channel between the

stored templates and the matcher

  • 8. Overriding the final decision
  • 1. & 2.

5.

  • 3. & 4.

6. 7. 8.

slide-15
SLIDE 15

▪“The fact that biometric data is not secret, combined with the existence of several kinds of attacks that are possible in a biometric system, make the issue of security/integrity of biometric data extremely critical.” ~John Vacca, “Biometric Technologies and Verification Systems”

slide-16
SLIDE 16

Sage Wisdom

What to know before starting the journey

slide-17
SLIDE 17

Before You Get Started: Discuss with the Business

▪What are we protecting? ▪Who are our adversaries? ▪How are we vulnerable? ▪What are our priorities? ▪What can we do for a better

implementation?

slide-18
SLIDE 18

Learn the Laws of the Land

Biometrics are increasingly considered in privacy and surveillance laws, including:

▪Biometric Information Privacy Act (BIPA) of Illinois ▪Texas Biometric Privacy Act, Washington Biometric Privacy

Law, California Consumer Protection Act

▪Biometrics are covered in the GDPR ▪The Privacy Commissioner of Canada has ruled cases of

PIPEDA applying to biometric information

▪Bans for some use in San Francisco, Oakland CA.

slide-19
SLIDE 19

Risk Reality Check

▪Misuse of biometric data, including public perception. ▪Impacts of false positives & negatives. ▪Physical and logical controls. ▪Audit trails ▪Vendor certifications ▪Security and auditing role in the project.

If your organization or client wants to include a biometric authentication, they’ll need to consider:

slide-20
SLIDE 20

Becoming the Prince to a Biometric Snow White

Standards and Solutions

slide-21
SLIDE 21

Biometric Standards for Auditing and Frameworks

ISO has multiple standards, including: ▪ISO/IEC JTC 1/SC 37 - Standards in Biometrics ▪ISO/IEC JTC 1/SC 27– IT Security standards, including standards for biometrics security ▪ISACA Audit Assurance Program ▪INCITS M5 Committee on Biometrics ▪NIST Biometrics

Privacy?

Due to the implications of biometrics and privacy, a Privacy Impact Assessment is highly recommended.

slide-22
SLIDE 22

Possible Solutions to Give Your System an Edge

▪Data-Hiding ▪Compression Algorithms (ex: WSQ) ▪Cancelable Biometrics ▪Watermarking ▪Encryption & Distortion Transforms ▪Combining with practices like two-factor authentication.

slide-23
SLIDE 23

More Resources

▪Shoniregun, Charles and Crosier, Stephen. Securing Biometrics Applications. Springer, 2008. ▪Vacca, John. Biometric Technologies and Verification Systems. Elsevier,2007. ▪OECD. Biometric-based

  • Technologies. OECD

Digital Economy Papers,

  • No. 101, 2004.

http://dx.doi.org/10.178 7/232075642747

▪Patel, Vishal, Ratha,

Nalini and Chellappa,

  • Rama. Cancelable

Biometrics: A review. IEEE Signal Processing Magazine, 2015.

▪Biometric Vulnerabilities Exposed (Infographic). Intel. ▪Thakkar, Danny. What are Risks of Storing Biometric Data? Bayometric.com, 2018.

Books Articles Websites

slide-24
SLIDE 24

About Information in Bloom & Victoria McIntosh

  • Freelance information and privacy contractor in Nova Scotia,

Canada.

  • Combines information science (MLIS) and certification as an

Information Privacy Technologist (CIPT) by IAPP.

slide-25
SLIDE 25

Enjoyed this Talk? Contact Victoria & Tell Your Friends

bloom@victoriamcintosh.com @vmcntosh www.linkedin.com/in/victoriamcintosh/ www.VictoriaMcintosh.com