Fraudsters continue to find new ways to exploit security system vulnerabilities and gain unauthorized access to sensitive data and networks. One specific method used to deceive biometric authentication is a presentation attack.
While biometric verification is considered one of the most secure forms of authentication today, it is not a foolproof method for security. Presentation attacks are a threat to many systems that use biometric verification or other security measures.
Below, we’ll explore in further detail what a presentation attack is and helpful suggestions on how to prevent it from occurring.
What Is a Presentation Attack?
A presentation attack occurs when a malicious actor presents falsified or replicated biometric markers or physical characteristics as their own to gain unauthorized access to an account, device, network, or physical premises. This is also referred to as “spoofing.”
The goal is to create replications or “spoofs” of an authorized user’s biometric data to trick the system into thinking the attacker is the verified individual. The attacker can then access the person’s stored data, account privileges, and more as if they were the true account holder.
The exact biometric data or physical trait the fraudster copies or attempts to replicate depends on what the system uses to authenticate individuals, though this can include:
- Facial biometrics
- Voice
- Fingerprint
- Iris/retina
How Does a Presentation Attack Occur?
A presentation attack is used to bypass biometric authentication methods that verify user identities with their unique physical characteristics.
When running properly, biometric authentication captures a sample of a person’s biometric data, such as a facial or fingerprint scan using the front-facing camera on their device. The system then compares this capture against a stored sample that was provided during account set-up. If the two match, the user is granted access. If the results do not match or are inconclusive, the individual is denied.
Thus, with a presentation attack, the fraudster aims to impersonate the authorized user with fake or falsified biometric data, presenting the spoof to a camera or scanner during authentication as they would their own traits.
There are a few ways for bad actors to instigate presentation attacks, with some popular methods including:
- Spoofing: The attacker may use sophisticated methods to physically replicate a person’s biometric data to present it during authentication, such as a 3D mold of someone’s fingerprint or a mask of their face using silicone or other materials
- Replaying: A fraudster may replay biometric data they have previously recorded during an authentication attempt, such as a recording of the individual’s voice or a photo of their face
- Printing: Printed photos of the person’s face, eyes, or fingerprints may be used to attempt authentication
- Modification: An attacker may attempt to modify or shield part of their own biometric traits to try to impersonate the authorized user
Common Targets for Presentation Attacks
As we mentioned earlier, presentation attacks are utilized where biometric authentication has been implemented to prevent unauthorized access. To further understand the risk of such attacks, we’ll now explore some of the common targets of presentation attacks:
Devices
Biometric authentication is becoming more commonplace in devices like laptops, tablets, and mobile phones. In fact, iPhones first implemented fingerprint authentication over ten years ago with Touch ID.
Fraudsters may want access to a user’s device for a variety of reasons, whether to initiate further attacks, submit unauthorized transactions, or view sensitive information stored within the device. Thus, presentation attacks may be used to attempt to gain access to both personal and professional-use devices.
Time Clocks and Attendance Systems
A growing number of employers are adopting advanced time clocks and attendance systems that use biometric technology to help prevent “buddy punching,” where an employee has their colleague clock in or out for them when they’re not physically present.
Though these systems can be effective at curbing time fraud and ensuring employers only pay for actual hours worked by employees, they may be prime targets for presentation attacks in workforce authentication.
Physical Locations
Biometric authentication is also used to secure physical locations within office buildings, high-risk facilities, or laboratories. Whatever their reason, bad actors may want access to premises they are not authorized to enter and may attempt a presentation attack to bypass security.
How to Prevent Presentation Attacks
Fraudsters’ tactics continue to grow more advanced and sophisticated, especially with the use of AI and other emerging technologies to help make spoofs more realistic. The good news is organizations are not completely defenseless against presentation attacks. Here are some of the ways to prevent them from occurring:
Leverage Liveness Detection Technology
Even the best spoofs cannot fully replicate the authenticity of the true person’s biometric data. Security systems can leverage liveness detection to help determine whether the person presenting physical characteristics during authentication is alive and present or whether it is simply a replication of the account holder’s face, fingerprint, or other marker.
For instance, liveness detection can help spot when a user is physically present based on the depth of their features rather than a two-dimensional photo of the individual.
Implement Multimodal Biometric Authentication
Organizations can also strengthen security by implementing multimodal authentication, meaning they request more than one biometric marker to help ensure that only rightful account holders are granted access to a system or device. So, a system might use both a fingerprint and facial scan, voice recognition with an iris scan, or any other combination.
Continuous Monitoring
Using a presentation attack detection (PAD) system allows organizations to continuously monitor for threats and enhance the integrity of their biometric authentication system using some of the above technologies, like liveness detection. This way, they can respond to threats and suspicious activity in real time, mitigating potential loss and damages from a presentation attack.
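The three measures above can be combined into a single access decision. The following sketch is an added example, not code from any product described here: it gates each biometric match on a liveness check, requires two modalities, denies on missing or inconclusive results, and counts liveness failures per account for monitoring. The score ranges, thresholds, and all names are assumptions chosen for illustration.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Assumed values for illustration; real thresholds come from tuning and testing.
MATCH_THRESHOLD = 0.80      # similarity to the sample stored at account set-up
LIVENESS_THRESHOLD = 0.90   # confidence that a live person is at the sensor
REQUIRED_MODALITIES = ("face", "fingerprint")  # multimodal: both must pass

@dataclass
class Sample:
    modality: str
    match_score: Optional[float]     # None means the matcher was inconclusive
    liveness_score: Optional[float]  # None means the liveness check did not run

def decide(samples):
    """Return (granted, reasons). Fails closed on missing or inconclusive data."""
    by_modality = {s.modality: s for s in samples}
    reasons = []
    for modality in REQUIRED_MODALITIES:
        s = by_modality.get(modality)
        if s is None:
            reasons.append(f"{modality}:missing")
            continue
        if s.liveness_score is None or s.liveness_score < LIVENESS_THRESHOLD:
            reasons.append(f"{modality}:liveness_failed")
        if s.match_score is None:
            reasons.append(f"{modality}:inconclusive")
        elif s.match_score < MATCH_THRESHOLD:
            reasons.append(f"{modality}:no_match")
    return (not reasons, reasons)

def accounts_to_review(attempts, max_liveness_failures=2):
    """Continuous monitoring: flag accounts with repeated liveness failures."""
    failures = Counter()
    for account, samples in attempts:
        _, reasons = decide(samples)
        if any(r.endswith(":liveness_failed") for r in reasons):
            failures[account] += 1
    return sorted(a for a, n in failures.items() if n >= max_liveness_failures)

# Constructed sample attempts (not real data).
GENUINE = [Sample("face", 0.93, 0.97), Sample("fingerprint", 0.91, 0.95)]
PHOTO = [Sample("face", 0.95, 0.12)]  # strong match, but no live person detected
INCONCLUSIVE = [Sample("face", None, 0.98), Sample("fingerprint", 0.88, 0.94)]
ATTEMPTS = [("alice", PHOTO), ("alice", PHOTO), ("bob", GENUINE), ("bob", INCONCLUSIVE)]

if __name__ == "__main__":
    for name, s in [("genuine", GENUINE), ("photo", PHOTO), ("inconclusive", INCONCLUSIVE)]:
        print(name, decide(s))
    print("review:", accounts_to_review(ATTEMPTS))
```

A high match score paired with a failed liveness check is the pattern worth alerting on, since it is what a good replica of the enrolled user looks like to the matcher alone.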