A simple capability found in most cameras may enable security experts to counter efforts by terrorists and other security threats to spoof iris recognition systems. The new approach focuses on eye function in addition to appearance, thus unmasking several types of deception that either would conceal a real iris or would fool a detection system into false acceptance.
Iris recognition employs near-infrared or visible light scanning to record the pattern in an individual’s iris, which barring injury remains largely unchanged in a person from the age of 9 months. Near-infrared scanners reveal texture, and visible light shows pigmentation. Iris recognition systems can be used as security devices that admit only people whose iris patterns are cleared for access in a database, or they can be used to identify terrorists or other criminals who have been scanned and whose patterns already are on file.
However, these detection systems can be fooled by covering or altering the appearance of the iris. Criminals who want to avoid detection can wear a cover that conceals their incriminating iris. Similarly, someone who wants to impersonate a cleared individual at a security checkpoint can wear a fake iris that portrays the pattern on the original trusted individual.
The new counter to these and other types of iris recognition spoofing comes from one of the men who shares the patent for the original technique. Dr. Leonard Flom, principal investigator of biometrics and assistant clinical professor in the Department of Ophthalmology at the New York University School of Medicine, developed iris recognition in 1987 with the late Dr. Aran Safir.
Flom describes five ways of spoofing iris recognition. The first way is to dilate a pupil to the maximum extent possible. This way, the iris pattern is not recognized by a scanner.