Creating a 3-D replica of someone’s hand complete with all five fingerprints and breaking into a secure vault sounds like a plot from a James Bond movie. But Michigan State University professor Anil Jain recently discovered this may not be as far-fetched as once thought and wants security companies and the public to be aware.
Jain and his biometrics team were studying how to test and calibrate fingerprint scanners commonly used across the globe at police departments, airport immigration counters, banks and even amusement parks. Without a standard life-like 3-D model to test the scanners with, there’s no consistent and repeatable way to determine the accuracy of the scans and establish which scanner is better.
To test the scanners, they created life-size 3-D hand models complete with all five fingerprints using a high-resolution 3-D printer that can produce the same ridges and valleys as a real finger.
“Like any optical device, fingerprint and hand scanners need to be calibrated, but currently there is no standard method for calibrating them,” said Jain. “This is the first time a whole hand 3D target has been created to calibrate fingerprint scanners. As a by-product of this research we realized a fake 3D hand, essentially a spoof, with someone’s fingerprints, could potentially allow a crook to steal the person’s identity to break into a vault, contaminate a crime scene or enter the country illegally.
“Now, another application of this technology will be to evaluate the spoof-resistance of commercial fingerprint scanners. We have highlighted a security loophole and the limitations of existing fingerprint scanning technology, now it’s up to the scanner manufacturers to design a scanner that is spoof-resistant. The burden is on them to tell whether the finger being placed on the scanner is real human skin or a printed material,” said Jain.
The study aims to design and develop standard models and procedures for consistent and reliable evaluation of fingerprint readers and is funded by the National Institute of Standards and Technology (NIST).
“We are very pleased with this research and how it is showing the uncertainties in the process and what it can mean for the accuracy of the readers,” said Nicholas Paulter, group leader for the Security Technologies Group at NIST and a co-author of the study. “The FBI, CIA, military and manufacturers will all be interested in this project.”