According to the Wall Street Journal, as more businesses begin relying on biometric security devices, many wonder how susceptible they are to fakery, and their fears may be justified.
International Biometrics, a consulting firm, was hired by a New York-based financial group to look into the plausibility of such "spoofing." Most fingerprint scanners simply take a picture of the fingerprint and compare it to those in a database, so "any high-resolution image will have a high chance of spoofing an optical sensor," said International Biometric's Ross Mitchell. Systems employing non-optical sensors, such as thermal or ultrasonic, could be less vulnerable, but vulnerable nonetheless.
West Virginia University researchers claim to be able to fool various types of fingerprint readers between 40 percent and 94 percent of the time, using fingers from cadavers or made of Play-Doh, and Tsutomu Matsumoto, a Japanese mathematician at Yokohama National University, claims to have fooled readers using fingerprints made out of gelatin.
Manufacturers downplay security threats, citing that most successful spoofs involve molding an actual fingerprint, which would be very difficult for a criminal to obtain, and that making a replica of a fingerprint on a piece of glass is extremely difficult as well. However, Mitchell believes that even the most advanced biometric readers, "despite high matching accuracy, could be fooled using cheap materials."
Although iris recognition technology being developed is a more secure form of biometrics, it too could be fooled using a high-resolution photo, so developers are working to overcome that by attaching a light that would contract the pupil and prove that the eye is real.