Slide To Unlock -- or Provide Your Facebook Pictures?

A Critical Analysis of Biometric Authentication Mechanisms

bluec0re and schalla

Playlists: 'mrmcd13' videos starting here / related events

In this talk we present a critical analysis of the four most appropriate candidates of biometric authentication mechanisms on mobile devices: fingerprint, face, voice and iris recognition. The results of our analysis show that there is still no compromise between usability and safety, because especially on mobile devices the unlock mechanism has to be quick and easy and this fact affects the overall security of the authentication mechanism. Using precise cameras and good microphones in mobile devices it is possible to use biometric authentication mechanisms like face, iris or voice recognition, but these methods are still in an immature phase and they suffer from different vulnerabilities which will be described in our presentation. The main reason of this problem is the lack of liveness detection which is crucial for all biometric authentication methods. We show that pictures retrieved from social media are enough to bypass the current biometric recognition mechanisms, even the approaches including built-in liveness detection on android phones.