Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye?

the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens.

Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Re:

[Calydor]

This is where I'm curious, was this a tongue-in-cheek bit of humor or was this post actually deleted?

Re:

[ecotax]

I'm curious too. I guess we'll have to wait and see if this is going to happen more often. Unless you feel like experimenting by posting messages that would qualify for the same treatment, of course. Personally, I don't.

Re:

[Ol Olsoc]

I'm curious too. I guess we'll have to wait and see if this is going to happen more often. Unless you feel like experimenting by posting messages that would qualify for the same treatment, of course. Personally, I don't.

Posts don't get deleted, they get modded up or down.

Some anonymous cowards get much butthurt when anyone disagrees, so they make up this censorship meme.

That being said, when the cowards go on one of their weird psychosexual or ridiculously offtopic binges, we have the ability to set the topic settings so we don't see the stuff. That also causes much butthurt.

Re: Comment Deleted

[BarbaraHudson]

YHBT. Also, at the time of the supposed deletion, there was no thread to delete. And who would even notice, never mind care, if an AC comment was deleted anyway. Too bad there is no option to both browse at -1 and to not display AC comments.

Re:

[Calydor]

And who would even notice, never mind care, if an AC comment was deleted anyway.

Elitist much?

First of all, anyone that appreciates Slashdot's history of never deleting comments (except that one about Scientology they received a court order to remove, AFAIR) would care.

Secondly, are you seriously saying that all anonymous comments ever are worthless? Really?

Re:

[BarbaraHudson]

It's not elitist to choose what you want to see and what you don't. Can't be arsed to log in or take credit for what you say, then why should I be arsed to read it? That is the exact opposite of elitist, since ANYONE can have an account, so quit trying to reframe the question to something totally bogus.

Are all AC comments worthless? Maybe not - but there's too much NOISE and not enough SIGNAL. The option to hide AC comments would be a huge improvement just in eliminating troll scripts.

Re:

[ShanghaiBill]

India's PDS [wikipedia.org] entitles a citizen to a kg of rice and a liter of kerosene every month. How much trouble will people go through to cheat at that? Also, the iris scanning is monitored, so someone may notice if you hold up someone else's eyeballs instead of facing the scanner. For bigger transactions, the iris scan is just one factor: you also need to present an ID and/or enter a password or PIN.

Re:

[vasanth]

well it's not ppl cheating but pilferage in the supply chain that has traditionally been very difficult to control.. ppl at present have multiple ID (pan number - a tax id) to dodge taxes etc, this new system would mean that a person can only obtain one ID as a match in finger print or iris will cause the 2nd id not to be issued and the PDS system would need to authenticate the user for each transaction before any benefits are given meaning it is a lot more difficult for intermediaries to just siphon off 5

Do not look into laser with remaining eye

[guruevi]

A pupil's response can be imitated with a video in response to the flash. I work with several types of eye trackers fairly frequently, the eye is relatively slow in responding to stimuli, it's definitely within the realm of a cell phone to play back the image of an eye and it's iris in response, in time to one of these flashes.

The problem with biometric is that it is considered the end-all of security system whereas it should be considered only part of something (who you are, what you know, ...)

Re:

[Anonymous Coward]

biometric is that it is considered the end-all of security system

I have never understood why people think this is the case. It doesn't take a genius to realize that there are a number of ways to get this data, most of which are highly unpleasant, assuming you survive it.

Plus, if it's compromised once from an appropriately insecure and high-resolution source (e.g. someone takes a picture of your eye in high detail), you're pretty much compromised for life. Some people would say this will never happen, but considering some of the dumbass mistakes that have made security

Re:Do not look into laser with remaining eye

[Anonymous Coward]

The problem with biometric is that it is considered the end-all of security system whereas it should be considered only part of something (who you are, what you know, ...)

No. The problem with biometrics is that it builds upon faulty assumptions and fails to address real concerns.

Somebody fakes my eyescan successfuly once, it loses all future use to me and now I have to scoop out an eye, perhaps replace it with a glass one with some famous person's fake eyescan patterns, to have some use out of it again. But wait, I'd rather keep the eye to see with.

The logical conclusion is that I don't want my eyes, not even one, be used as a security in this sort of gamble. That means you do not get to scan my eyes, ever, making the idea strictly useless for security, aaa, or whatever else you want to do with it, but instead outright dangerous for my valuable body parts.

Biometrics is only "hollywood security", where usernames, including the crappy and noisy biometric ones, are taken to be as good as passwords, and "security override" is all you need to get past any hurdle anyway. In the real world, security doesn't magically improve just because we bend over backwards for some camera looking into our eyes. Any biometric is more easily faked than replaced, and that makes them useless for the end-user, in fact outright dangerous to limb, possibly life, because it makes the end-user expendable.

That means there is only one correct answer to any biometric-anything idea: FUCK OFF with your biometrics, whatever idea you have this week. FUCK OFF ALREADY.

Re:

[JaredOfEuropa]

Somebody fakes my eyescan successfuly once, it loses all future use to me

That's the real kicker. Imagine a password written on a yellow sticky, kept in your wallet. A password that is thus easily stolen, lost or duplicated. Now imagine that you cannot change that password, ever.

Re:

[SNRatio]

Er, no. Iris or retina scan and most other biometrics are and will continue to be useful: for identifying people in the flesh. Unless you are willing to remove your eyeball and replace it with a replica of someone else's you won't be fooling the security guard at the door.

Re:

[SNRatio]

just missing an eye gives you free reign to circumvent this security.

"Just"???

You first.

contact lens

So add a measure of interpupillary distance. Are you up for having your skull cracked in two and then widened or narrowed so that your IPD matches too? Also: retina scans. Unless they have some pretty amazing holographic properties, contact lenses won't fool a retina scan.

Re:

[Anonymous Coward]

Biometric should only be used to identify people accompanied by security persons who can determine of the biometric object being scanned it real or fake. This will require checks to see if the person is wearing contacts or an extra layer of skin, etc. This also requires the security person to immobilise the person who is being scanned to make sure slide-of-hand is not in play.

Biometric scanners without security are useless, since the biometric object can easily be harvested in public areas.

Re:Do not look into laser with remaining eye

[arth1]

With the iris scanning, how about getting the person to follow a small dot around the scanner with their eye and an iris tracker can confirm it's doing so.

Any security solution that depends on technology can also be defeated by technology.

In this case, you would have to have a system for tracking the eye, which would be defeated by a system for tracking the dot. Plus, you'd need guards against feeding the system wrong data at multiple points, or bypassing the tracking altogether. You'd multiply complexities unnecessarily, and only end up with another system to keep honest people honest.

Executives[*] who base their "knowledge" on Hollywood movies and detective stories are to blame for big business buying into biometrics for authentication. It's the worst thinkable system possible, because once you have defeated it, you have defeated a living human person, who cannot change his compromised biometrics.

The implementations fly in the face of ADA and similar measures too, directly discriminating against people who cannot use the systems. Some don't have fingerprints. Others cannot stand and look into the iris scanner. Or don't have eyes to look into them with. So you must have a backup system anyhow. That prompts the question: If the backup system is trustworthy, why not use it instead?

[*]: And unfortunately not just business execs. As late as last week, a police superintendent was quoted in a big newspaper saying that DNA evidence is 100% trustworthy and (I kid you not) we should never question it. The newspaper didn't even question that statement or ask an expert for opinion.

Re:

[Anonymous Coward]

That prompts the question:

Thank you!

Demolition Man

[Anonymous Coward]

Demolition Man did it

I don't have any dead eyes

[fustakrakich]

But one of them is kinda lazy. Will that make a difference?

Well, DUH

[93 Escort Wagon]

"Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death"

Sheesh, I saw this on an episode of La Femme Nikita probably a decade or so ago. I could've lent them the DVD, if they'd asked.

biometric identification insecure by nature

[sittingnut]

biometric identification and verification is insecure by its very nature.
whole concept derives from faulty assumption that identity of a person is securely linked his/her body parts. obviously body parts can be separated from true identity by variety of means ranging from death, amputation, kidnapping and coercion, replication , etc etc.
other forms of identification and verification based on links to individual's mind and memory, while far from perfect, is more secure.
even simple forms of that, like passwords, can defeat insecurities created by death, amputation, some coercion, etc etc.

all rational knowledgeable people should counter absurd biometric identification hype.

Re:

[ET3D]

It's far from perfect, but still much more secure than insecure passwords, which are what we commonly have. It's a lot easier to get passwords (as proved by the many millions of them available online) than to get the biometric identifiers.

For now.

[Anonymous Coward]

Availability is directly tied to use. We have already got databases of passwords attached to every website that has a login so most break-ins will have a chance to make a copy, if fingerprints iris scans or something else biometric got used in the same way then this would be true of them too, but now you cant change them.

Biometric identification is a shared password you can never change, and shared passwords are the most insecure of all. Of course you can mitigate against this in physical situations, if

Re:

[Misagon]

The biggest fallacy of using biometrics for security is that biometric codes can not be changed.
Once a biometric code has been cracked then that code is useless forever and you are stuck with it. If a protected resource requires e.g. an iris or finger print but that print is revoked, then you can never use that authentication mechanism every again.
If someone successfully guesses your password (or encryption key) then you can rescind it and use another.

Another fallacy is that it is actually not difficult to

This validates how many cheesy movies?

[mykepredko]

Yet another case of popular media predicting actual science.

Seriously, I think there was at least one James Bond ("Never Say Never"?) with this theme as well as one in which eyes were carried around in plastic baggies to break security. I think the big part of this was the "ick" factor to create audience buzz.

Re:

[rainer_d]

Minority Report is 2002. Demolition Man is 1993: https://www.youtube.com/watch?... [youtube.com]
Never Say Never Again is from 1983, but in it, somebody has his Iris altered to match the President's one: https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[mykepredko]

Thank you for the references.

Minority report did it twice

[peter303]

First Cruise has an eye transplant to avoid discovery. Second he gives his ex-wife his original eye to break him out of prision-stasis.

Somebody sold India a LOT of hardware

[Tony Isaac]

India is going to find out that iris scanning suffers from all of the same issues as any other biometric scanning device. ALL of them have to turn the scan into a digital representation, which is then used to authenticate or verify identity. The weak point int he process is between the device and the computer. Since that digital representation can be copied and replicated, it is no more secure than any other identification system. It's actually less secure, because it's considered the user name AND pass

Re:

[vasanth]

well the AADHAAR system you are talking about has multiple levels of authentication which include iris, fingerprint, OTP to your mobile and password.. and the system does not give out any of these information, any one can use the system to authenticate by the means they deem fit by submitting the authentication details to the AADHAAR service and it will get back with only a TRUE/FALSE response and nothing else.. so as a service provider you can decide the level of authentication required, a bank might deci

First...

[Archfeld]

First they took our jobs, then they took our thumbs, now they are gonna take our eyeballs. When will it end ??

Re:

[Locke2005]

Well, if you weren't just sitting around with your thumbs up you butts in the first place, they wouldn't have taken your thumbs! Personally, I'd rather not use biometrics, precisely because of the damage to my body that someone seeking to steal my identity would do.

Re:

[Barny]

You consider /. to be part of the government? Hot dang are you trying to inflate their ego?

Been there. Done That

[fahrbot-bot]

This means an eye could theoretically be plucked from someone's head and presented to an iris scanner.

Minority Report [wikipedia.org] - duh.

Don't use proto-matter

[Chad Smith]

you've got Genesis, but you don't have me!

It doesn't matter

[Casandro]

You can always take an image of a dead iris scan, manipulate it, and feed that to the camera.

The same problem with all biometrics

[Macdude]

Iris scanning suffers from the same fatal flaw that every other type of biometric scanning suffers from. What do you do when my iris scan is compromised? How are you going to issue me a new iris identification?

palm vien

[markdavis]

>"Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. "

Not really. It is a rather stupid biometric, especially when something exists that is far better in just about every way....

There is only one safer and practical biometric I know of- that is deep vein palm scan. That registration data cannot be readily abused. It can't be latently collected like DNA, fingerprints, and face recognit

Re:

[Locke2005]

Actually, eyes do change over time. My contacts weren't letting in enough oxygen, so blood vessels grew into my eyes. Not sure how much that would affect an iris scan, though.

So soon they forget

[ggendel]

As someone that was part of the team that pioneered iris recognition in the late 80s, I can say that this is totally the fault of the current software. We had various techniques implemented from the start that would prevent this kind of problem. Controlling multiple IR leds to provide a changing specularity pattern. This would guarantee that the eye was shaped as expected, rejecting all flat copies. Checking for the normal pulsation of the pupil would reject dead eyes. There were various other checks, like verification of facial features (there were two eyes, etc.). Checking for the proper occlusion of the eyelids was also part of the process. With only a few captures our testing has not shown this kind of issue (and we did try perfect eye replication). I've heard this kind of thing from the beginning, nothing new here. Again, we implemented all of these features in our original work, but implementors felt that these should not be included in their products.

Doesn't stop them from trying

[burgundy]

It'll be a great reassurance to the bank to know that the bad guys can't get into the vault by holding up an eyeball they've "liberated" from the bank manager. However, it'll be little comfort to the now eyeless bank manager if the bad guys haven't kept themselves abreast of the developments in dead eye detection, or if they decide to give it a go anyway. If some bit of your anatomy holds the biometric keys to something of value, then in addition to all the other problems that get mentioned about biometri

Re:

[Locke2005]

You weigh the costs of false positives vs. false negatives, and you're going to accept the false positives every time. Otherwise, some CEO get pissed off because the system won't let him in, and the whole system gets yanked out. So, short answer, no, they can't check for blinking, it adds yet another failure mode,

constructing dead guys finger

[peter303]

There was story this week about the police approaching a 3d printing prothestics expert to reconstruct the fingers of a dead guy to unlock an iPhone. They tried the fingerprint image which didnt work.

No surprise here

[Locke2005]

Having seen the movie Demolition Man, I've always been opposed to biometrics in the first place. My body parts are more important to me than my data!

Yes, the tech already exists...

[dublin]

The answer is yes. The technology to detect the difference has been around for over a decade, but it's not in any iris scanner for security that I'm aware of.

My Mom and Dad (yes, both of them, this one was actually Mom's idea), hold a patent on a method for using a laser and optical system to measure a bunch of things about the eyeball, including intraocular pressure. It's sensitive enough to not only measure the internal eyeball pressure, but you can very easily see the pulse, and with a bit of clever ma

Change over time.. it does

[MercTech]

Hmmm, the article ignores the fact that a retinal scan is changed by cataracts, glaucoma, log term diabetes, retinal detachment, macular holes, macular degeneration, or massive beta radiation exposure.

    I wonder if using IR laser scan instead of red laser scan as the first generation of the tech did would sense living tissue based on temperature?