Project plan for ID card systems secured by finger vein authentication

Transcription

1 Project plan for ID card systems secured by finger vein authentication Introduction The physical protection of institutions requiring high security is getting more emphasis today, since the attacking methods are also becoming increasingly complex and sophisticated. However, a significant proportion of the technologies used make unauthorized access of determined attackers only slightly more difficult, due to quality, structural and human errors. Our goal is to make the systems currently in use more secure and resilient to attacks at a low cost. To confirm the validity of our project, first we review the most commonly used solutions and their weaknesses, then we offer a new solution to the problem posed. Technologies currently in use ID cards, keys One of the most widely used methods are ID card solutions (RFID, magnetic stripe cards, chip cards). The operating mechanism of these is based on verifying the data stored on the card, or, in better cases, on software running on the card. In case of the simple cards, the authenticity of the card is verified by reading and checking the data stored on it, which is very easy to copy; if the card is using radio frequency identification, attackers do not even need to obtain the card. It is enough for them to get close enough to acquire the sensitive data. In case of cards using PayPass, attackers can obtain enough open text data to withdraw 10 EUR from our account on five occasions - without knowing our PIN code 1. Problems may arise in case of more secure cards, using some sort of authenticating software as well; one need only to think of Myfair cards previously used at London public transport. These used Crypto 1 encoding, and were proven to be vulnerable after decrypting the algorithm. Today, the data on the card can be rewritten with a few hundred dollar equipment. In case of cards using safe validation, for example asymmetric validation, based on client-server architecture, there is risk of the card's disappearance and theft, and we are left unprotected against social engineering methods as well ("I forgot my card at home, can I borrow yours?") / 5

2 Identification codes Another approach is the use of identification codes. These are number or character sequences of variable length, which are very vulnerable; if users choose their code, they will probably give codes they already use somewhere else. If the code registering system is faulty, users can set up weak passwords, which are very common, well known or can easily be cracked with a dictionary-based attack. Strong passwords are easy to forget, weak passwords are easy to guess or spot, and the secrecy of the password depends on the user. If users make a mistake, the passwords can easily leak out, or they can be obtained by force. 2 / 5

3 Biometric Solutions The third, commonly used method is the use of biometric identification solutions. These use the user's physical properties for authentication. Two very important measures of these systems are FAR (False Accepting Rate), meaning falsely accepted identification and FRR (False Rejection Rate), denoting false rejections, and FTE, which indicates the proportion of people who cannot be identified with these methods for some reasons (eg. physical injury). The most widely used biometric identifier today is fingerprint, although it is far from being secure. A little gum arabic is enough for an attacker to produce the copy of the user's fingerprint using a latent fingerprint (such as grease stains left on a glass). In addition, 3-4% of the population is unsuitable for fingerprint identification. Depending on the technology used, the FAR varies between 1: and 1: , while the FRR takes up an extremely high value, between 1:30 and 1: / 5

4 Face recognition is also used for authentication, and it can be tricked by using a photo of the face, or a video recording of it, in case the system requires the face to be detected as alive, for example by blinking. These systems have 1:1000 FAR, and a 1:300 FRR. It is important to note that the success of authentication is greatly influenced by the lighting conditions, so this option only be used under certain circumstances. A similar, photo based identification solution is the much more precise iris identification, mostly used in safety-critical areas, but there are targeted attacks to this one too. The safest methods available today are retinal and vein based solutions, which examine the users' vascular network. These systems have the lowest false acceptance and false rejection rate; FAR can reach 1: Their advantage is that the vascular system cannot be copied, and the system will not accept non-living body parts, so users must be alive for identification. The installation of these systems is however very complex and expensive, requiring the complete replacement of existing systems. Combined Solutions A certain three-stage identification process is widely accepted among security experts: users are identifiers on their own, and they have an identification tool, and knowledge which can be used for identification. This means if we choose a solution from all three major identification groups listed above and use them combined if the quality of the individual systems is appropriate the identification can be considered safe. Our goal is to create such a highly secure identification system, using all three solutions combined. 4 / 5

5 Our Proposed Solution Given that the combination of the three identification methods is considered the safest, we suggest a system which can be easily integrated, but combines the use of: finger vein based verification identification card PIN code (optional) In our envisioned system, the users' card is equipped with a finger vein scanner employing Sony technology, that allows the card to identify itself in the system only after it had successfully identified the user. In case of unsuccessful vein authentication, the card output is not suitable for identification. Afterwards, the system requires a PIN code, in case the applying institution finds it necessary. Our scheme is easy to integrate into existing systems - as only the identifier cards need to be replaced, the identifier systems do not -, and it creates an innovative, highly reliable identification system at low technological costs, which cannot be copied, and cannot be circumvented without the users' conscious co-operation. 5 / 5