Saturday, August 06, 2011

[yhebzpdc] Biometric ATM

The technology mostly exists to do face recognition as part of automated authentication.

Sufficiently high resolution cameras, multiple angles, bright lighting can thwart an adversary using a mask or holding a picture in front of their face.  (Inspired by "skin" being very difficult to simulate with computer graphics because of internal light scattering among embedded blood vessels, so real skin versus a substitute, e.g., latex, should not be too difficult to distinguish based on computer vision).

The subject stands in front of a backdrop with an animated pattern predictable only by the authentication system, e.g., random dots generated by a keyed cryptographic random number generator.  This thwarts the camera being hacked and a totally unrelated feed being sent to the computer (like Ocean's Eleven).  Although an adversary might record the backdrop and green-screen in the fake feed, there will be a slight delay.

The lights move also, making it difficult for an adversary to replicate the environment elsewhere.

No comments :