Biometric Authentication and Penetration of Smartphones

• Main Author: Aronsson, Erik
• Format: Others
• Language: English
• Published: Högskolan i Halmstad, Akademin för informationsteknologi 2018
• Subjects: biometric; authentication; penetration; iris; face; fingerprint; smarphone; it-forensik; biometri; autentisering; smartphone; Computer and Information Sciences; Data- och informationsvetenskap
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-37713

This study aims to examine the function and vulnerabilities of biometric systemsintegrated in smartphones, as well as techniques for circumventing the securityof these systems. These techniques are then used against a selection of smart-phones in order to gauge the resilience of their biometric security. The function,vulnerabilities, and techniques associated with these systems are compiled usinga literature study of published papers and books on the subject. The performedexperiments apply these techniques in the form of presentation attacks directed atthe fingerprint-, face- and iris recognition systems of the examined smartphones.The result of the experiments showed significant differences between the differentsmartphones, where some exhibited flawless security and others showed significantsecurity flaws. Both fingerprint and face recognition systems were successfullycircumvented, while none of the iris recognition systems were breached. No clearlink could be observed between the cost of the device and success rate of attacks,while only devices using the Android operating system were breached. The resultsundeniably showed that some smartphones are vulnerable to the employed tech-niques. It also showed that some of the tested devices had managed to implementmeasures to counteract the applied presentation attacks. The root cause of thevulnerabilities showcased in the experiment is due to the fact that biometric traitscan be copied and reproduced, highlighting a basic flaw of such systems.