
Using Face Recognition Instead of a PIN Number

Posted by samzenpus
from the please-enter-your-face-again dept.
coondoggie writes "Face recognition as a unique biometric is growing slowly in certain corporate and consumer applications, but researchers at the University of Houston (UH) are trying to make the technology far more ubiquitous and secure: they want it to replace the dozens of personal identification numbers (PIN), passwords and credit card numbers everyone uses every day. University researchers developed the URxD face recognition software that uses a three-dimensional snapshot of a person's face to create a unique biometric identifier."

  • Bad idea (Score:5, Insightful)

    by Ckwop (707653) * <Simon.Johnson@gmail.com> on Thursday August 02, 2007 @04:07AM (#20082735) Homepage

    This is stupid for a couple of reasons. The first is that biometrics suck and are usually almost trivial to subvert. See the $10 fake finger [deeperwants.com], for an example. What do you do if somebody hacks your credentials as well? Have facial re-constructive surgery? But even if you had very good biometrics that were hard to fake, it's still less secure than having separate credentials to access everything.

    Why is this? Well for the sake of argument, let's suppose it costs £50 to create a duplicate of my chip and pin card that will work in any cash point. I have four such cards in my wallet so the cost of duplicating them all is £200. In order for the biometric to replace my cards completely and be equally secure, it has to cost more than £200 to fake.

    The problem is that the unified security mechanism rarely costs more to subvert than all the IDs it replaced. This doesn't just apply to bank-cards; it also applies to national ID cards and any centralisation of security.

    The fundamental principle here is that centralising security often reduces security. This is something to keep in mind when you're consolidating servers [slashdot.org].

    Simon

    • by froggero1 (848930)
      You know what else is a bad idea?

      Entering in your PIN number into an ATM machine and getting a NSF funds error message.
      • Re:Bad idea (Score:5, Funny)

        by andy666 (666062) on Thursday August 02, 2007 @08:54AM (#20084469)
        I was walking over to an ATM machine the other day, when I realized that many other people have the same PIN number as me. I thought "they should have a personalized PIN number." Also, my bank still uses those old CRT tubes and they are hard to read, so they really need to upgrade the whole thing. Anyway I went into the bank to sit and talk to a representative about this, and I was reading a DC comic, and the light next to me was flickering. Damn that AC current! I took out my laptop, since I wanted to learn more about CSS style sheets. (Are they under the GPL license btw ?) After about 5 minutes of reading I had a headache - I felt like an ICBM missile had hit my head! Or maybe it was from my LCD display. What I need is a vacation I thought - so I went home and started to pack my SCUBA gear.
        • This is utter codswallop.
        • Re: (Score:3, Informative)

          by AJWM (19027)
          Ah, you blew it right at the end. It's SCUBA apparatus. The other gear is stuff like mask, fins, etc.

          Be thankful I couldn't locate you with my RADAR ranging device, you might have been zapped with LASER radiation.

          Otherwise, well done.
    • by QuantumG (50515) <qg@biodome.org> on Thursday August 02, 2007 @04:54AM (#20083013) Homepage Journal
      The reason why it is a bad idea to use your face as a password is that everyone can see your freakin' face. Why not just write your password in black marker on your forehead?

      That's secure right?

      • by femto (459605)
        Combine a mobile phone camera with software [eptron.es] to reconstruct a three dimensional object from a sequence of images and you can crack the "password" of anyone you pass on the street.
    • by mwvdlee (775178)
      In short it's the old adage that you should never use the same password twice.
    • Those are all good points, but the main problem I see with biometrics is that it puts humans rather than keys/cards/ids between the criminal and their target. With previous tech, the criminal could just wait until no one is around, and steal their keys/cards/tokens. With this approach, the criminal is much more likely to resort to putting a weapon in someone's face, and forcing them to assist in a crime. With a sufficiently principled person, that could lead to death.
    • 1. Enter Microsoft disguised as a janitor.
      2. Go around cleaning everyone's garbage cans.
      3. Find a large portrait of Bill Gates over a color copier.
      4. Make a photocopy of the picture.
      5. Continuing to clean other people's garbage, enter Bill Gates' office.
      6. Clean his garbage.
      7. Walk outside and see your ship has been stolen and is placed in the company's parking lot.
      8. Go back to Bill Gates' office and take his ATM card.
      9. Leave the offices.
      10. Go to the ATM machine. Use Bill Gates' keycard and his photocopied photo.
    • by fyngyrz (762201) *
      The first is that biometrics suck and are usually almost trivial to subvert.

      On the plus side, it brings a lovely Hannibal Lecter-like meaning to the inevitable phrase "Hack your face."

    • No. No. and No. (Score:3, Insightful)

      by mpapet (761907)
      The first is that biometrics suck and are usually almost trivial to subvert.
      Okay sure, spend $50 on some sensor or $150 on sensor+lock and it will accept a fake finger. But that's not your average biometric installation.

      What do you do if somebody hacks your credentials as well?
      If the bad guy wants in, he won't try to reproduce your *face* to get in. This is just absurd.

      The problem is that the unified security mechanism rarely costs more to subvert than all the IDs it replaced.
      Except biometric installation
      • Except biometric installations aren't replacing many access control mechanisms with one.

        I'm sure right now they're not. But the parent was responding to the article, and part of the point of the article (which may or may not reflect how they are or will be implemented in real life) is that they should:

        "Remembering dozens of personal identification numbers and passwords is not the solution to identity theft. PINs and passwords are not only inconvenient to memorize, but also are impractical to safeguard.

        • by mpapet (761907)
          the point of the article ... is that they should:

          The word "should" is used to forcefully assert some opinion. There are a million things wrong with the quoted marketingspeak and using "should" to pile on another bad idea is simply wrong.

          Remembering dozens of personal identification numbers and passwords is not the solution to identity theft.
          Biometrics is not a silver bullet for "identity theft." In fact, it's the wrong tool.

          The solution is to be able to tie your private information to your person in a way
      • by Tony Hoyle (11698)
        Okay sure, spend $50 on some sensor or $150 on sensor+lock and it will accept a fake finger. But that's not your average biometric installation.

        You didn't see mythbusters did you? They got a top of the line biometric sensor which the manufacturer claimed had *never* been broken, had all sorts of buzzword compliant checks (pulse, temperature, etc.).

        They broke it with a photocopy of a fingerprint.

        • Which manufacturer? Where did they buy it? Who provided the application that accepted a photocopy?
        • http://iqbio.blogspot.com/ [blogspot.com] had a blurb on what you claim. Both applications (a door lock and a sensor on a laptop) are crappy.

          Spending several thousands of dollars for a door lock and several hundred for a proper access control peripheral would defy mythbuster tests. It also would make bad tv, so you'll never hear about it.
  • by Aranykai (1053846) <slgonser@NOspAm.gmail.com> on Thursday August 02, 2007 @04:08AM (#20082737)
    It's an interesting concept. I will agree with that.

    Essentially, it uses your face to access your information in a database, which could include bank, credit card, medical, or pretty much anything else desired.

    However, all a person then needs to commit fraud is to capture these scans and feed them back to the software...

    I'll keep my zero liability credit cards and my 4 and 6 digit pin numbers, thank you.
  • Check for life! (Score:5, Interesting)

    by reality-bytes (119275) on Thursday August 02, 2007 @04:11AM (#20082753) Homepage
    I hope this system includes some method to check whether the rest of the person apart from the face is present.

    Some poor Malaysian fellow has already lost a finger [bbc.co.uk]. I'd hate to have my head stolen just to access my bank account.
    • Re: (Score:2, Funny)

      by Anonymous Coward
      Jeez! Seeing that, maybe it's time to rethink my biometric penile scanner I've been planning.
    • So if the system only needs my face... how does it know I am not under threat to perform whatever action is required?

      With my home security system I have two codes: one deactivates the system allowing entry, the second allows entry but immediately calls the police. Both operate exactly the same from the standpoint of someone who doesn't know the number.

      I guess we could "combine" features, use facial, iris, or other physical, identification with PIN numbers and such for sensitive activities and just allow
    • Re: (Score:3, Funny)

      by hotdiggity (987032)
      I'd hate to have my head stolen just to access my bank account.

      Yep. Might just want to limit this system to in-store purchases. Then when a would-be thief walks into a Best Buy to get a plasma TV using my card and severed head, the clerk may get suspicious and ask for a second piece of ID.

      • by fyngyrz (762201) *
        Then when a would-be thief walks into a Best Buy to get a plasma TV using my card and severed head, the clerk may get suspicious and ask for a second piece of ID.

        Come on. You know this would only work for a few days before the crooks catch wise and cut off a finger as well.

  • by cliffski (65094) on Thursday August 02, 2007 @04:11AM (#20082757) Homepage
    But the fact that every single one of them has different stupid restrictions. I try to limit myself to two common passwords where possible. One is fairly short, one is quite long.
    Recently I needed a new password for a site. I tried the short one. "Your password must be at least X characters". Fine, whatever, that's why I use my long one, "your password is too long", so a new, made-up one "your password must contain at least one number". WTF?
    Can we not at least agree some standard on this? Like many people I end up having to write this new mangled password down, totally defeating its security.
    I do not see, from a code POV, why it matters that the password is less than X characters. Between 5 and 10 characters? WHY? What is wrong with between 5 and 50 characters? Or 5 and 100 characters?
    Most people can remember a sentence pretty easily, especially a favourite catchphrase or movie quote; remembering "tuesdaypass442" is not so easy, and thus they get written down. I understand the need for minimum pass lengths, but capping the max so low, and so close to the min, is just madness. Give us flexibility in passwords, not some dubious new expensive tech to do the same job.
    • Plus, having the same password on several websites is an issue. I do this also but I keep wondering what will happen the day that one of the maintainers of the forum where I registered decides to impersonate me on other forums or even -gasp- on slashdot. Hopefully, my email password is unique and I can recover some stuff from there...
    • Like many people I end up having to write this new mangled password down, totally defeating its security.
      I don't see why writing down defeats a password's security. As long as you guard that piece of paper, it's totally safe.
      • I don't see why writing down defeats a password's security. As long as you guard that piece of paper, it's totally safe.
        Indeed. I don't need a secret password to get into my apartment, to start my car, or to open my filing cabinet. The security of my apartment is only defeated if I leave the key taped to a Post-It note, affixed to the door frame when I go out. It's rather stunning that people will do exactly the same thing with their computer passwords.
    • by shish (588640)

      why it matters that the password is less than X characters. Between 5 and 10 characters? WHY? what is wrong with between 5 and 50 characters? or 5 and 100 characters?

      Because those would take up too much room in the database :P

      It's scary how many sites have max length limits, which implies that they're storing passwords unhashed -- even scarier is when you *know* sites are storing passwords unhashed, because every time they send you a bit of physical mail your username and password are printed across the top of it. An example of this is UCAS [ucas.com], an organisation with vast amounts of personal information about pretty much every university student in the UK.

      A related weird o
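The storage point made in the comment above, as an added example that is not part of the original thread: a salted hash record is the same size whatever the password length, so a low maximum length buys nothing in the database. The function names, the PBKDF2 parameters and the sample passwords are assumptions chosen for this illustration.

```python
import hashlib
import hmac
import os

SALT_BYTES = 16
ITERATIONS = 200_000  # assumed work factor for this example; tune for your hardware


def hash_password(password: str) -> bytes:
    """Return salt || PBKDF2-HMAC-SHA256 digest, the record a site would store."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt + digest


def verify_password(password: str, record: bytes) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    salt, expected = record[:SALT_BYTES], record[SALT_BYTES:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(candidate, expected)


def storage_comparison(passwords):
    """Per password: (characters, bytes if stored as plaintext, bytes if stored hashed)."""
    return [(len(p), len(p.encode("utf-8")), len(hash_password(p))) for p in passwords]


# Constructed sample passwords at the lengths argued about in the thread: 5, 10, 50, 100.
SAMPLES = ["a" * 5, "b" * 10, "c" * 50, "d" * 100]

if __name__ == "__main__":
    for chars, plain, hashed in storage_comparison(SAMPLES):
        print(f"{chars:>3} chars: plaintext column needs {plain:>3} bytes, "
              f"hashed record needs {hashed} bytes")
    phrase = "a favourite catchphrase or movie quote"
    record = hash_password(phrase)
    print("long passphrase verifies:", verify_password(phrase, record))
    print("wrong password verifies:", verify_password("tuesdaypass442", record))
```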

  • I kinda like the ability to forget or lose my PIN number. I can't exactly lose my face.
    • I kinda like the ability to forget or lose my PIN number. I can't exactly lose my face.
      Oh, sure you can! Just say something embarrassing in public ;-)
  • by forgoil (104808) on Thursday August 02, 2007 @04:14AM (#20082783) Homepage
    Or people looking really alike, I mean, how precise is this thing? What about make up? Trip to the beach? Getting your hair done? Shaving accident?

    They are trying to solve a problem (I hate pin codes) by making it into a worse problem. Way to go...
  • Someone takes a picture of your face using their cell phone, or takes an existing picture off of myspace, etc. I think it would be pretty damn hard for a camera to do facial recognition unless it truly is a 3D camera -- otherwise you can just stick a picture of the owner's face in front of the lens and you're in business.
    • by AlpineR (32307)

      Somebody who didn't read:

      I think it would be pretty damn hard for a camera to do facial recognition unless it truly is a 3D camera -- otherwise you can just stick a picture of the owner's face in front of the lens and you're in business.

      The article:

      University researchers developed the URxD face recognition software that uses a three-dimensional snapshot of a person's face to create a unique biometric identifier.

  • by jsse (254124) on Thursday August 02, 2007 @04:35AM (#20082903) Homepage Journal
    Because it requires them to shave.

    "Please stick your head in the scanner for face recognition."

    *grumble*

    "Your face was not recognized, please rub your face with the towel provided and try again."

    *damn*

    "We failed to recognize your face after several trials. We'll now shave your face for a better recognition result. To avoid you moving your head while shaving is in progress, we'll lock your head firmly now."

    *shaver pops out*

    "NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO"
  • MI (Score:3, Insightful)

    by bazorg (911295) on Thursday August 02, 2007 @04:40AM (#20082935)
    These guys didn't watch "Mission: Impossible" [imdb.com]?
  • So... (Score:5, Insightful)

    by QMalcolm (1094433) on Thursday August 02, 2007 @04:44AM (#20082959)
    Instead of using something that's secret and can be changed, they want to start using something that everyone can see, and is not changeable.
    • Update biometrics. (Score:2, Insightful)

      by iknownuttin (1099999)
      Instead of using something that's secret and can be changed, they want to start using something that everyone can see, and is not changeable.

      I guess you'd have to have your biometrics updated every few years as you age. More often if you smoke, drink heavily, sunbathe, etc... those things age you faster.

  • It's Bogus (Score:4, Interesting)

    by ajs318 (655362) <sd_resp2 AT earthshod DOT co DOT uk> on Thursday August 02, 2007 @04:47AM (#20082977)
    It's bogus. I can say this with certainty.

    How do I know? Because the exact same maths apply to a different domain, and we'd already have seen developments there if this was true.

    Decompilation uses exactly the same abstract mathematical concepts as shape recognition (of which facial recognition clearly is a subset). Just replace "vertices" with assembly-language instructions and the "shapes" to which they may belong with program structures (for / while loops, subroutines &c).

    If there was anything in this facial recognition malarkey, somebody would have created a working decompiler by now. That's just a simple application of the law of averages; there are many more hackers out there than there are biometrics researchers. And there's a huge application for a decompiler: the ability to decompile a program which originally was written in, say, Visual BASIC into C++ will mean that programmers can collaborate on a project without having to have a language in common (and, incidentally, it will also mean that Freedoms One and Three can be taken by force like Freedoms Zero and Two). So far, nobody has created such a thing.

    It's snake oil, pure and simple.

    Plus, I kind of like the extra security layer that I get by having different PINs for all my cards and different passwords for all my online accounts. If someone discovers, say, my Halifax PIN, they'll have to steal my Halifax card. But if they catch me on a day when I'm not carrying that one and steal my Lloyds TSB card or my Abbey National card instead, the Halifax PIN is useless to them (and while I'm sorting out blocking the stolen card, I can change the compromised PIN). Likewise, if someone discovers my Yahoo! Messenger password, they can't impersonate me on Slashdot.
    • If someone discovers, say, my Halifax PIN, they'll have to steal my Halifax card. But if they catch me on a day when I'm not carrying that one and steal my Lloyds TSB card or my Abbey National card instead, the Halifax PIN is useless to them
      They don't need the physical card, just the numbers on it to go with the PIN.
      • by ajs318 (655362)
        If you're looking to clone the card using any readily-available blank smartcard, you should be aware that the chip on the card contains rather more information than just the card number. Also, the staff in the store may well notice that it's a plain white card without a bank logo on it.

        If you want to do a "card not present" transaction, you need, in addition to the card number: Expiry date, invoice address (which does not have to be your home address, as long as there's a chain of contact that leads to
    • WTF are you talking about? How does the lack of a pretty decompiler imply the impossibility of facial recognition?

      For one, several different samples of source code could compile down to identical assembly code. Variable names and comments are lost during compilation, so those can't be rebuilt. And different constructs in the high-level language could also boil down to identical machine code during optimization. Still, you can certainly decompile assembly code to express it in a high-level language, but i

  • ummmm... (Score:2, Interesting)

    by Mr Abstracto (226219)
    ...what about twins?
  • by PontifexPrimus (576159) on Thursday August 02, 2007 @05:01AM (#20083063)
    Here are, just off the top of my head, a couple of reasons why I think that's a really stupid idea:
    • You have to consciously enter a PIN to give it away - unless you're fooled by a complete rebuild of an ATM, you're not likely to enter this particular number anywhere else; but you show your face to everyone in the street, making it trivial to get several photographs of it and even do a 3D reconstruction if desired.
    • You can enter a number at a keypad even if severely impaired and under pretty unfriendly conditions (outside ATM in heavy rain, when you're wearing gloves and are a little under the effect of both a cold and cold medicine, say). It's a pretty fool-proof, accessible way of entering a small amount of data. Facial recognition, on the other hand, requires - unless there have been vast advances - very good lighting, a clear image of the face not obscured by sunglasses, intensive make-up or bruises, and no vast changes in hair style or beard growth.
    • Image recognition is cost intensive, energy intensive and computationally expensive; a keypad of the highest level, secure and proof against vandalism will cost what? A couple of hundred bucks at most? To get facial recognition you need light sources that don't interfere with the cameras, the cameras themselves, complex software behind them and - also very important - you need large amounts of data on the facial features. Granted, it might be easy to compress them to a couple of hundred kb's if you're willing to sacrifice some accuracy, but compare that with the four or five bytes you need to store a PIN!
    • Problem of false negatives and false positives: when I enter a PIN I can usually get it right on the first try; I usually only run into problems when I confuse it with the PIN from another card. Entering it wrongly has happened maybe once or twice in my life, as far as I remember. Now, what are the chances that the facial recognition software will correctly identify me 99.99999% of the time? And how big is the risk that it might mistake another person for me?
    • Another thing: right now I can hand my credit card to my brother, tell him to pick me up a little cash from an ATM and give him my PIN and card. Will there be provisions made for you to authorize other people, like your spouse? How many? For how long?
    I think it's strange that so many people seem to think just because something is newer it is automatically better than the old technology / method / tool. Don't get me wrong, I love progress - but increasing the failure points of a known and working (if not perfect) system seems like a strange idea to me...
    • by MichaelSmith (789609) on Thursday August 02, 2007 @06:03AM (#20083353) Homepage Journal
      I agree with all of that. One thing I would like to see with ATMs is an attempt to behave a bit like a human teller in the sense that if I steal a woman's credit card and front up at the counter then they know that I (being male) must not be the owner of the card.

      Some simple image matching process would be a good idea IMHO. It doesn't have to be fantastic and definitely not a replacement for a PIN.
      • by springbox (853816)
        You might as well enter your social security number to determine your legal sex because looking at a person's face doesn't give you much information beyond what you think their sex is (meaning it's completely subjective.) Also, I doubt a computer could be made to guess this type of trait seeing how far behind AI is.
    • by ivan256 (17499)

      Now, what are the chances that the facial recognition software will correctly identify me 99.99999% of the time? And how big is the risk that it might mistake another person for me?

      The chances? Nil.

      Last I looked into this technology (around 2001), the best available was only good for three nines. That's one person in 1000 getting access to your bank account. It's hard to say whether they've improved, because the benchmark used in the study this article is based on uses "FRR at FAR = 0.001" as the measure.
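What the benchmark quoted in the comment above, "FRR at FAR = 0.001", measures, as an added example that is not part of the original thread or of the URxD study: the threshold is set so that at most 0.1% of impostor comparisons pass, and the false reject rate is read off at that threshold. The similarity scores are constructed from a seeded generator, the function names are hypothetical, and the last function goes beyond the comment to the database-search case raised elsewhere in the thread, assuming independent comparisons.

```python
import math
import random


def threshold_at_far(impostor_scores, target_far):
    """Threshold T such that the rule 'accept if score > T' keeps FAR <= target_far."""
    ranked = sorted(impostor_scores, reverse=True)
    # Impostor comparisons we may wrongly accept; the epsilon guards float rounding.
    allowed = math.floor(target_far * len(ranked) + 1e-9)
    if allowed >= len(ranked):
        return -math.inf
    # ranked[allowed] is the best-scoring impostor that must still be rejected; the
    # strict '>' in the accept rule also rejects any ties at that score.
    return ranked[allowed]


def far(impostor_scores, threshold):
    """False accept rate: fraction of impostor comparisons that pass."""
    return sum(s > threshold for s in impostor_scores) / len(impostor_scores)


def frr(genuine_scores, threshold):
    """False reject rate: fraction of genuine comparisons that fail."""
    return sum(s <= threshold for s in genuine_scores) / len(genuine_scores)


def operating_point(genuine_scores, impostor_scores, target_far):
    """Return (threshold, measured FAR, FRR) at the requested FAR."""
    t = threshold_at_far(impostor_scores, target_far)
    return t, far(impostor_scores, t), frr(genuine_scores, t)


def false_match_in_search(far_value, enrolled):
    """Chance that a 1:N search over `enrolled` other people yields at least one
    false match, assuming each comparison is independent (an assumption)."""
    return 1.0 - (1.0 - far_value) ** enrolled


# Constructed matcher scores (higher = more similar); not data from any real system.
_rng = random.Random(2007)
GENUINE = [_rng.gauss(0.80, 0.08) for _ in range(2000)]
IMPOSTOR = [_rng.gauss(0.45, 0.10) for _ in range(20000)]

if __name__ == "__main__":
    for target in (0.01, 0.001, 0.0001):
        t, fa, fr = operating_point(GENUINE, IMPOSTOR, target)
        print(f"target FAR {target:<7} threshold {t:.3f}  FAR {fa:.4f}  FRR {fr:.4f}")
    for n in (1, 1000, 1_000_000):
        p = false_match_in_search(0.001, n)
        print(f"FAR 0.001 against {n:>9} enrolled faces: P(false match) = {p:.4f}")
```

Tightening the FAR raises the threshold and with it the FRR, which is why the two numbers are only meaningful when quoted together.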

    • Nope (Score:2, Informative)

      by Slayer (6656)
      Sorry dude, but most of your information is either highly outdated or just plain wrong:

      You have to consciously enter a PIN to give it away - unless you're fooled by a complete rebuild of an ATM, you're not likely to enter this particular number anywhere else

      It has happened over and over again. People use their ATM cards to enter indoor bank terminals (that's pretty common in Europe at least). Crooks have set up key pads and card copying devices instead of the card swipers, successfully copying thousands of cards together with pin code information. Also ATM machines have been successfully and repeatedly modified to copy the ATM cards inserted. A little camera mounted close t

  • Surely the degree of accuracy to which you would have to measure the face to make it unique would imply that a good case of acne would be enough to deny access to your accounts.

    Or better still, a broken nose? Imagine having to go explain to the bank that you needed to change your pin because you were drunk and got into a fight at a pub? There goes your chance at getting a home loan ...
  • And what happens if I put a photo or a hologram in front of that camera?
  • To see how the hell they are going to have a person walk up to an ATM, and wait for the system to search through potentially billions (or trillions) of biometrics datapoints while it looks for an exact match. Then the system will have to re-run the search so it is sure it has the proper account. This all because some school wants to rid the world of a key (credit/atm card and pin).

    Now if you enhance the credit/atm card with a biometric to ensure that the owner of the card is the one using it, that would be
    • My bank doesn't have billions of customers. At first, each bank's ATMs would probably only work for their own customers, so the database is cut down to a few million at most. Or the system could be used for granting building access at a school or business, limiting the population to a few thousand.

      Anyway, I think facial recognition would have to be used in tandem with a magnetic card or smart card; this is to replace the PIN, not the card. So the ATM already knows who I claim to be and has to check just one
  • It really annoys me that so many alleged security researchers seem to think that biometrics should be used as a replacement for what we have. No, it should be an augmentation. Each different kind of security has different things that are good and bad about it. I'll cover the three I'm aware of (which I believe to be a complete list):

    1) Something you have. This would be like a key or a smart card or something. The strength is that if properly designed it should be difficult to impossible to copy and that it h
    • I'm not entirely convinced that 1 and 3 are actually different. For example, given the ease of duplication of fingerprints (see the rare, actually well-done mythbusters episode) your fingerprint is without a doubt something you have, since it's something anyone can have. Does fingerprint duplication carry into other domains, like iris or handprint scans? I suspect it probably does.

      The only thing that can't be duplicated (without your knowledge, that is) is the "something you know." It's the most import
  • by rapiddescent (572442) on Thursday August 02, 2007 @07:42AM (#20083823)
    I doubt this will be a single authentication factor in any banking/payment environment because the university researchers from the article just don't understand how complex payment systems are and how much interoperability between card schemes does not exist.

    Where it will be used is in fraud scoring. The Alliance and Leicester trialled small webcam-like devices on ATMs but for some reason took them out of service. Recognition is useful, but it will not be used to block transactions, it will most likely be used to raise a score on a fraud profile for a transaction.

    This type of fraud profiling is becoming more important because the UK will be moving to Faster payments [apacs.org.uk] at the end of 2007 - where once banks had 3 days to run scanning products [visionmagazine.net] (for terrorist account activity and fraud) - they will only have a few minutes. The problem at the moment in the UK is that customers do a lot of electronic payments compared to USA - so many transactions will not have time for all the fraud checks.

    So if someone who looks nothing like my description makes a transaction, then the score will increase on the account which can then implement further fraud checks in resulting transactions.

    When I designed and built a fraud detection system for a UK mobile operator, we found that when a handset/number had fraud committed on it - it was usually picked up by lots of the fraud scanners and would stick out like a sore thumb. Each customer would have an associated fraud score and when it reached a certain point, the fraud team would get involved.

  • "Biometrics" was a technique of the late 19th century. It's as dead as DRM -- IMPOSSIBLE. Even DNA has its problems and the only biometric technique that survived over those last 100 years is fingerprinting and then we got 'experts' in court that 'go with the flow'.

    Ever listen to lawyers debating DRM? We know that's impossible and these idiots would best loosen their ties.

    Even if it worked, a society where if you do a "crime", expect the "time" is no Utopia. This is troll, but
    the whole abuse of technolo
  • Bill Gates mask.
  • ...replace the dozens of personal identification numbers (PIN)...
    The crucial mistake is the term replace. If they wanted to add facial recognition, that would be great.

    Instead of ranting on this for the 10,000th time, I'll just provide the link to Two-factor authentication [wikipedia.org]
  • Biometric systems are sold on the premise that everyone has unique qualities they carry around with them. And, while this is true, the ability of even the most sophisticated system to quantify that is still limited.

    Quantification usually takes the form of reducing physical qualities to numbers and checking the numbers just read with the numbers stored, usually with a hefty margin of error. It's a guarantee you could do a plastic mock up of a face that would read true and wouldn't fool a myopic five year o
  • To: Corporate Computer Users
    From: IT department
    Re: Biometric authentication update

    Dear users,

    As you may know, we here in IT are always on the cutting edge of technology and security. We have been investigating new methods of user authentication for some time, and have finally selected the technology that we intend to use. From now on, all user authentication will be done using facial recognition biometric technology. This will, unfortunately, force us to make some changes to several of our long-standing pol
  • Several highly moderated folks have said this is a bad idea. But it's not a bad idea to check for biometric data like faces, fingerprints, etc. It's a bad idea to use those instead of passwords, rather than in addition to passwords.

    I think it was Bruce Schneier who grouped authentication mechanisms into three kinds: something you have (like a physical key or device), something you are (like your retinal pattern) and something you know (like a password). You can get great security by combining these mechanism
