What are the types of attacks on Biometric devices in information security?

There are four types of attacks on biometrics devices which are as follows −

Processing and Transmission Level Attacks − Several biometric systems transmit sample information to local or remote offices for processing, it is also necessary that this transmission be protect, test the transmission be intercepted, read, or altered.

Most biometric systems encrypt information in transit, but not some applications and devices allow themselves to encryption. Security techniques including encryption are view as deployer-specific element of system design.

Multi-factor authentication can take two primary forms such as the need of multiple biometrics or the use of biometrics in conjunction with smart cards and PINs. Both methods decline the possibility of an imposter being authenticated. Spoofing also becomes more time absorbing and challenging when several body corporal or behavioral characteristics required to be copied and imitated.

Cued challenges can also be grouped with specific behaviors generating alarm including an uncommon stillness, lack of motion, or change during the procurement of biometric information. Technologies can bear more development and improvement for monitoring and sensing micro-movement.

Input Level Attacks − Overloading is seek to defeat or circumvent a system by damaging the input device or overwhelming it in the tries to make errors. This is also known as buffer overflow attack for some security mechanisms.

An instance of this type of attack for a biometric system would be the rapid flashing of bright lights against optical fingerprint sensors or facial identification capture devices can disrupt their suitable functioning. Silicon sensors can be simply damaged by short circuiting them or soaking them with water.

Because some biometric systems based on sensitive equipment that can be overloaded associatively simply, users can have opportunities to induce device or system failure. Systems should be designed including if overwhelmed, basic functions should not fail. When biometric devices can no higher serve their intended function, fallback processes should be represented and enforced.

Back-end Attacks − Ensuring integrity and securing back-end subsystems is essential in distributed biometric systems. Considering that the back-end includes a connecting subsystem, or a decision subsystem, or a set of both attacks on the backend will be focused at changing the matching or decision subsystem or compromising integrity of saved templates.

Enrollment Attacks − The practical requirement of biometrics for E-Authentication is binding to one’s identity. Although the notion of an Identity Management System lies external the scope of this document, from a biometric enrollment standpoint because of the important binding requirement, the identity proofing procedure is a critical related function.

Trust in this phase of vetting a person’s claimed identity, confidence in the validity of related files, and reliability in the authenticity of issued computer credentials taken support the very underpinning of biometric based E-Authentication.

Updated on: 09-Mar-2022


Kickstart Your Career

Get certified by completing the course

Get Started