You are here: Resources > FIDIS Deliverables > Forensic Implications > D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research > 

D5.2b: ID-related Crime: Towards a Common Ground for Interdisciplinary Research

Two scenarios for identity fraud with biometrics  Title:


Scenario 2: Possibilities of Identity theft with biometric devices

Over the past few decades, both industry and governments have shown a growing interest in biometric devices. Terrorism has highlighted the need for better identification systems for people as well as for improved systems for controlling access to buildings and countries. Another reason for investment in Research and Development in biometric devices is the massive growth in internet-based systems – whether for e-commerce, e-government or internal processes within organizations. As described earlier, biometrics offer a way to increase the security of authentication systems by complementing single method (what you know) and even dual methods (what you know and what you have) with the third type of identifier, what you are. 

Biometric systems (especially fingerprint scanners) are mass market products at low cost, and can easily be integrated in consumer electronics, like PDA’s. Fingerprint scanners are appearing in more and more products (keyboards, mouse, plug in device, USB stick, and even hard disks). Systems using fingerprints, iris, hand scans, and faces are commercially available and routinely used at e.g. airports. Commercial interest in biometric systems has grown rapidly in 2003 and 2004. If we look at the patent applications, the number of applications with the word “biometric” has grown from twenty per year in 2002, to thousands per year in 2003 and 2004. 

With conventional security systems, users may suffer from socially engineered attacks, as can be seen from the growing number of cases with fraud at ATM-machines. Biometric devices may provide a solution for this kind of crime, but biometric devices still can be ‘spoofed’. The manufacturers of biometric systems are becoming more aware of the problems with tampering, and solutions are provided how to avoid the possibilities to tamper with their systems. Some patent applications describe ways of detecting if persons are alive and if someone tampers with the systems. 

In the next sections we describe some of the ways of tampering with biometric device for the purpose of ID-related crimes.  



Two scenarios for identity fraud with biometrics  fidis-wp5-del5.2b.ID-related_crime_03.sxw  Spoofing
Denis Royer 31 / 44