Blog     e-Newsletter       Resource Library      Directories      Webinars  Apps     EBooks
   AFCEA logo


Closing the Door on 
Iris Recognition Vulnerabilities

September 1, 2013
By Robert K. Ackerman


A simple capability found in most cameras may enable security experts to counter efforts by terrorists and other security threats to spoof iris recognition systems. The new approach focuses on eye function in addition to appearance, thus unmasking several types of deception that either would conceal a real iris or would fool a detection system into false acceptance.

Iris recognition employs near-infrared or visible light scanning to record the pattern in an individual’s iris, which barring injury remains largely unchanged in a person from the age of 9 months. Near-infrared scanners reveal texture, and visible light shows pigmentation. Iris recognition systems can be used as security devices that admit only people whose iris patterns are cleared for access in a database, or they can be used to identify terrorists or other criminals who have been scanned and whose patterns already are on file.

However, these detection systems can be fooled by covering or altering the appearance of the iris. Criminals who want to avoid detection can wear a cover that conceals their incriminating iris. Similarly, someone who wants to impersonate a cleared individual at a security checkpoint can wear a fake iris that portrays the pattern on the original trusted individual.

The new counter to these and other types of iris recognition spoofing comes from one of the men who shares the patent for the original technique. Dr. Leonard Flom, principal investigator of biometrics and assistant clinical professor in the Department of Ophthalmology at the New York University School of Medicine, developed iris recognition in 1987 with the late Dr. Aran Safir.

Flom describes five ways of spoofing iris recognition. The first way is to dilate a pupil to the maximum extent possible. This way, the iris pattern is not recognized by a scanner.

Don’t Blink! Eyes Provide Long-Term Identifications

August 26, 2013
By Rita Boland

Iris scans are a legitimate form of biometric identification over the long term, a new study from the National Institute of Standards and Technology confirms.

The Best Laid Plans Fly Awry

June 1, 2013
By Max Cacas

The U.S. Air Force’s migration to a new enterprise network known as AFNET will be at least two years late in completion because the project turned out to be more complicated than planners anticipated.

U.S. Army Modifies Biometrics Contract

April 5, 2013
George I. Seffers

CACI-CMS Information Systems Inc., Chantilly, Va., was awarded a $9,705,666 modification, to a previously awarded firm-fixed-price contract to provide program management and engineering services in support of Department of Defense biometric programs. The total cumulative face value of this contract is now $43,357,840. The Army Contracting Command, Picatinny Arsenal, N.J., is the contracting activity. 

Northrop Grumman to Sustain Biometrics Database

March 6, 2013
George I. Seffers

Northrop Grumman Information Systems, McLean, Va., was awarded a $9,784,125 cost-plus-fixed-fee contract. The award will provide for the modification of an existing contract to exercise the option for systems sustainment in support of the biometrics database. The U.S. Army Contracting Command, Picatinny Arsenal, N.J., is the contracting activity.

Intelligence Sharing and Cooperation Enable Homeland Security

February 27, 2013
By George I. Seffers

Homeland Security Conference 2013 Show Daily, Day 2

In the aftermath of the 9/11 terrorist attacks, the military, government and intelligence officials all agreed that federal agencies needed to be more willing and able to share critical data to better connect the dots.

While agencies at all levels—federal state and local—have made progress, officials continue to push for ever greater sharing and cooperation, not just within government but with industry and the general public as well. For example, while the departments of Defense, Justice and Homeland Security can and do now share biometrics data housed in the disparate databases, they continue tweaking technology to improve data sharing even further.

But now, some officials argue for a greater partnership between government and industry in the area of cybersecurity and critical infrastructure protection. A strong relationship with the local power company and willing volunteers can be essential to recovery following a national disaster. Even social media can play a role—tweets from the public can provide essential situational awareness about where fuel, food, electricity and water are available.

Intelligence sharing, interoperability, partnerships, relationships and cooperation were among the most commonly used terms among speakers and panelists during the second day of the AFCEA Homeland Security Conference in Washington, D.C.

Security Concerns No Longer Drive Biometric Technologies

February 27, 2013
By George I. Seffers

Security concerns have largely driven advances in biometric technologies, but that likely will not be the case in the coming years. Commercial needs will overtake government security needs in determining the direction of biometrics, according to Troy Potter, vice president, Identity and Biometrics Solutions, Unisys Federal Systems, at the AFCEA Homeland Security Conference on Wednesday.

“We’re looking at this change from a security focus to a convenience, automation and cost-savings focus. That’s driving the market today. Commercial organizations will drive the market for the next 10 years,” Potter stated.

He cited the example of a friend who has to provide a fingerprint scan when dropping off and picking up her child from the day care center. Potter said that while it may seem to be an effort to improve security, it actually is more motivated by cost savings and having a detailed record of exactly when children are picked up and dropped off. He also cited the example of social media sites using facial recognition.

Some systems, he pointed out, now require a 16-digit password and a large percentage of help desk calls are for password resets, making biometrics an attractive alternative. “The problem is, who is going to manage all of this,” he asked. “Do we trust the day care more than we trust the government?”

Kratos to Support U.S. Marine Corps Biometrics Programs

February 25, 2013
George I. Seffers

Kratos Defense and Security Solutions Inc., San Diego, Calif., a leading National Security Solutions provider, announced today that its Defense Rocket Support Service division's Technical Services business unit won the contract to provide acquisition, financial, logistics, training, technical, program management and administrative support to the Program Manager United States Marine Corps Counter Radio-Controlled Improvised Explosive Device Electronic Warfare (PM USMC CREW) Biometrics Programs. PM USMC CREW Biometrics Programs include the Biometrics Automated Toolset and server, the Identity Dominance System Marine Corps, the Biometrics Enrollment Screening Device, the Handheld Interagency Identity Detection Equipment. Kratos will also support Biometrics training, which is conducted by the Tactical Training Exercise Control Group and the Marine Corps Tactics and Operations Group at the Marine Air Ground Task Force Training Command, 29 Palms, Calif.

Integral to Provide Intelligence Support for Deployed Forces

October 24, 2012
George I. Seffers

Integral Consulting Services Inc. recently announced that it has been awarded an indefinite-delivery/indefinite-quantity single award contract worth up to $49.7 million from the U.S. Army’s National Ground Intelligence Center (NGIC) for all-source intelligence analysis and support services. Integral will provide biometrics-enabled intelligence (BEI) and all-source identity intelligence (I2) analytical support to NGIC, Defense Department customers from the tactical to national levels, and interagency partners. Integral also intends to perform watch list management functions, coordinate reach-back BEI support for deployed forces, and perform related supporting tasks as required.

Plug-and-Play Biometrics

September 1, 2012
By Rita Boland
  A U.S. paratrooper uses a handheld identity detection device to scan an Afghan man's iris while on patrol in Afghanistan's Ghazni province.
  A U.S. paratrooper uses a handheld identity detection device to scan an Afghan man's iris while on patrol in Afghanistan's Ghazni province.

Government scientists have introduced a command and control protocol designed to bring interoperability to the world of biometrics. Manufacturers now can experiment with the open design in their products, offering more flexible, less expensive technologies for authenticating identities.

This National Institute of Standards and Technology (NIST) project enables the sharing of data among biometrics sensors over wired or wireless networks via Web services (WS). Called the WS-Biometric Devices, or WS-BD, the protocol allows developers to create connections among biometric capture devices and clients connected on a network or through the Internet. “We did a lot of work to make it modality-agnostic,” Kevin Mangold, a computer scientist at NIST, explains. “You can use the same interface for ... pretty much any biometric you can think of.”


Subscribe to RSS - biometrics