Subverting Fingerprinting 169
squizzar writes in with news of a 27 year old Chinese woman who was discovered to have had her fingerprints surgically swapped between hands in order to fool Japanese immigration. "It is Japan's first case of alleged biometric fraud, but police believe the practice may be widespread. ... The apparent ability of illegal migration networks to break through hi-tech controls suggests that other countries who fingerprint visitors could be equally vulnerable — not least the United States, according to BBC Asia analyst Andre Vornic." Time for some biometric escalation. Could iris scans be subverted as easily?
GLORIOUS NIPPON (Score:1, Insightful)
Can't blame her for wanting to live in Japan.
What a security vulnerability! (Score:2, Insightful)
This is only a security threat if someone removes my finger and graft's it to someone else's hand so they can get my data. So my data is only as secure as the skin on my finger. I'm so scared. The likelihood of someone stealing my finger to get data is really high. Worse, they'll steal my eyeball to fake an iris scan. Maybe soon they'll just steal my brain and remove the passwords I have memorized. I'm sure in all those scenarios what I'll be thinking is "OMG, My Data!"
Did she fool anyone, though? (Score:5, Insightful)
Japanese newspapers said police had noticed that Ms Lin's fingers had unnatural scars when she was arrested last month for allegedly faking a marriage to a Japanese man.
Seems like until they can get rid of the circular scars around their fingertips, they aren't going to fool anyone. From now on, when officials notice circular scars or other shaped scars around fingertips, they will probably have the person undergo further testing.
As far as iris switching...I don't think so. I have a feeling that the permanent blindness that likely follows(though I am not an ophthalmologist, so I can't be sure as to what is possible) will override any benefits that come from the short term gains of biometrics trickery.
long term identity subversion prevention (Score:4, Insightful)
The only real identity that is immune from subversion is consistent, community agreement.
What I mean by this is that every piece of data measured can be faked, copied, or altered in the database against which the measurement is checked. DNA can be planted, id cards will be sold on black markets and faked, biometrics can be later changed or forged. The measured data in the database against which identity is checked can be altered - *all* the technology-based methods for ID have vectors of attack.
What cannot be faked is what ones peers and friends agree upon regarding who an individual really is, and that the human in wuestion really is the person they agree it is. If all the friends and neighbors agree you really are Bob, then you're Bob regardless of what you do, or what data is stored in electronic systems. This is an unwieldy (nearly impossible) metric for access to a bar, authentication for into services, permission to drive, or asserting your ID at the bank to get your money. However, at its heart, community consistency could be the unalterable root from which all the other identification methods would rely upon. Basically one can create all kinds of electronic, physical, and technology based systems that will need to get reset when they are faked or forged or incorrect. To rely on other electronic systems for that reset is flawed and misses the essential nature of how people understand and use interpersonal identity.
Re:What a security vulnerability! (Score:3, Insightful)
Re:Watching 'Bladerunner' too many times? (Score:4, Insightful)
The tech for swapping fingerprints apparently exists.
The tech for swapping fingerprint cards has existed even longer. Sometimes it's the people taking the prints that swap them for you.
Re:long term identity subversion prevention (Score:1, Insightful)
Not true, I've seen a case where a person built up multiple fake identities over a number of years in small country towns by visiting once a week as Bob in town one and Dave in town two etc. When it came for the ‘community’ to verify his identity as part an ID application process the people had know Bob/Dave for a number of years and he was granted numerous ID’s. It only got found out when they ran a facial recognition match over the system. It was a lot of work on his part but beats the community component.
Re:Did she fool anyone, though? (Score:5, Insightful)
From now on, when officials notice circular scars or other shaped scars around fingertips, they will probably have the person undergo further testing.
However, their cost to check has now gone up by at least 2x, maybe even 10x - they need to manually inspect every person (you can't just check the negatives because if the faker happens to have passed through successfully in the past their 'new' prints will already be in the database).
And this is only one attack vector. We've already seen the korean woman [crunchgear.com] last year who used a practical application of the gummy bear [theregister.co.uk] trick to fool the japanese too.
The thing to remember is that these systems will only get less effective as time goes by. All the hype when proposed about how great they are, for whatever intended purpose, represents the best they will ever be - the more familiarity people get with the systems, the more ways people will figure out how to circumvent them.
Kinda warms my freedom loving heart it does.
Re:Really.... (Score:3, Insightful)
"The Myth of Fingerprints" - Paul Simon, right? As far as I understand it they only use a few "distinguishing features" anyway - and they allow for damage to those (like a cut). However, the point is that it's hard to predict what will "fool the scanner" and what won't. If you don't know which "distinguishing features" it's looking for what do you change? Even harder is to get the scanner to give a false hit on someone else's finger print data (so you can pretend to be them).
As evidence at a crime scene I think finger prints are far more suspect than they might at first appear.
Re:long term identity subversion prevention (Score:4, Insightful)
What cannot be faked is what ones peers and friends agree upon regarding who an individual really is, and that the human in wuestion really is the person they agree it is. If all the friends and neighbors agree you really are Bob, then you're Bob regardless of what you do, or what data is stored in electronic systems. This is an unwieldy (nearly impossible) metric for access to a bar, authentication for into services, permission to drive, or asserting your ID at the bank to get your money. However, at its heart, community consistency could be the unalterable root from which all the other identification methods would rely upon. Basically one can create all kinds of electronic, physical, and technology based systems that will need to get reset when they are faked or forged or incorrect. To rely on other electronic systems for that reset is flawed and misses the essential nature of how people understand and use interpersonal identity.
I disagree. Community relationships can be forged just as easily (if not easier) than biometrics in every sense. ... those are a person's closest contacts giving their most sincere impressions of that person. Do you feel like you really know him after reading one? Is it really likely that they do?
... a complete rewiring! ... but it's still Bob, from society's (and the law's) point of view.
... it resides in a medium that is neither fully understood nor fully expressible. For all practical purposes, Bob will remain the sum of his parts, both socially and biometrically. Our ability to gauge Bob, like our ability to impersonate him, is based squarely on our perceptive capabilities and our time investment, and biometrics (especially retinal scans and DNA prototyping) are pretty damned capable.
First, you have to ask yourself "which community?" With modern transportation, Bob's community could easily span his state. With modern communication, Bob's community could span the entire world. Concepts of traditional associations and communities are in a state of constant flux. To Bob's closest friends, he may be a blob of text. It's entirely possible that Bob goes throughout life without anybody ever truly knowing him. And even if he develops close relationships, they may be difficult to extract and correlate enough to develop any serious sense of him. Just go read an obituary
Then, you have to ask yourself "what consistency?" To his World of Warcraft pals he may be a secret agent astronaut millionaire [toynk.com]. To his Facebook friends, he may seem a fun, insightful guy who loves to play sports. To his parents, whom he visits on holidays, he might be a successful banker. To his landlord, he might be a deadbeat who lost his banking job in the recession. All of these personas are maintainable and verifiable in the context of his community relationships.
So bring forgery into account. Online, forgery is easy, as long as there's internal consistency with his community. In person is more difficult, but there are physical look-alikes and actors who could pull it off. Someone claiming to be Bob could completely redefine his community impression with enough determination. Point is, someone can easily pretend to be Bob, with or without his blessing, in any of his community relationships if they devote enough time and circumstance works in their favor.
So what really is a person's identity? It's not community relationships any more than it's biometrics. All of those are third-person impressions of an organism, and they only certify identity through temporal and physical correlation of their data. The only physical identity that is Bob is his brain, which (for now) cannot be duplicated and (spiritually) will never be (if that's the kind of thing you believe in). Even then, Bob can change in an instant with brain trauma
His identity is not absolutely verifiable for the same reason it's unique
Re:long term identity subversion prevention (Score:3, Insightful)
At one time, that was sort of the final safety valve. If worst came to worst, a person could start over with a more or less fictional history and be judged from that point forward only.
While that can be misused, there can also be legitimate uses. We as a society seem to be racing headlong the other direction. Get caught peeing on a dumpster and you might get a scarlet letter for life.
Re:What about publishing them openly? (Score:3, Insightful)
How is that going to help you when they refuse to let you in at the border check?
Re:What about publishing them openly? (Score:2, Insightful)
How about a public (anonymised) repository of fingerprints. The idea is this: I can't change my prints, nor can I get back control once the government has taken them. But I could publish them to the world. That makes the print very easy for anyone else to fake. In other words, plausible deniability.
Why stop there.. Post DNA to the web too ;)
To my mind the who idea of biometrics as an absolute to your identity is bogus. It is nuts to think that just because DNA is 'unique' you it makes it exclusive enough to be a guarantee of who you are. Given time and technology and the descendants of the current DNA cloning technology they use to solve crimes being smaller, cheaper and portable how long will it be before DNA is realised to be THE most unreliable source of exclusivity there is as EVERYONE leaves traces of their DNA everywhere they ever go.
Think of it this way. My brother who works in a top research Lab had the experience of the associated bank to the lab talk about putting in a biometric cash machine. This lab specialises in biomedicine and so it was rather a shock to the bank in question when they had hundred of very qualified scientists signing a petition against the idea. Why you make ask? Simple, they know the limits of biometric data and are ahead of the loop when it comes to it's usefulness. In a traditional set up if you lose your credit/debit card what happens? You contact the bank, they cancel the card, they give you a new one, End of story. If your biometric data gets compromised what do you do then?
Sometimes it is better if people thought about the long term instead of the quick fix, but the truth of the matter is all this climate of fear , suspicion, and draconian security is all fueled by the industries that profit from them. Is this any surprise to people? It is the same with spam email and viruses. These are very simple problems to circumvent but there is a MASSIVE industry making sure no one ever does.
Call me a cynic but that's the way I see it.
'snuff said.
Re:Did she fool anyone, though? (Score:3, Insightful)
Won't most people end up doing that anyway?
Come to work, put the finger on the scanner, go to the cafeteria, grab a donut or something, eat it.
If the thought of eating something that touched a fingerprint scanner disgusts you, avoid thinking too much of all the crap you touch with the fingers every day, or you might vomit.
Just a few examples: your car's wheel is probably very seldom cleaned, tests have showed that keyboards have more germs on them than toilet seats, any banknote or coin you have may have passed by hundreds of other owners sick with who knows what and been dropped on a large variety of surfaces, any door handles you touch may have bacteria left by 20 other people, and so on.
With all of that, I don't think eating a gummi bear that touched a fingerprint scanner is going to add that much extra danger, in comparisons to the benefits that could be conferred by "the perfect crime"