Blog Tags: Anti-Spoofing Applications

The latest fingerprint spoofing incident, demonstrated by researchers from Germany-based Security Research Labs on the Samsung Galaxy S5, highlights the prevailing confusion over the differences between spoofing and hacking a device and the subsequent risks they present to users and service providers. Both Apple iPhone 5S and Samsung Galaxy S5 fingerprint sensor attacks were spoofs. The devices were defeated by imitating a single fingerprint. This is very different from a hack, which could compromise a high volume of users at once.

In both the fingerprint spoofing cases, neither the device nor the user credentials were compromised.  This would have to be accomplished by a hack, which requires a break-in of a device and subsequent theft of the biometric template and related data, or by the depositing of malware. So how do we maintain the security of personal, biometric data?

In a FIDO authentication mod...

Posted by Mike Goldgof, VP Marketing, AGNITIO

Can we spoof a good Voice Biometrics Engine recording the owner’s voice? No, if it is a secure engine. But many engines in the market are easily spoofed.

We have seen how soon a team in Germany was able to spoof the Apple Touch ID. We must admit that the spoof is quite complicated and does not create any serious problems for the normal user of iPhone 5S. We should expect a lot of these as soon as Voice ID becomes a real alternative for device authentication. Are we ready?
Voice Biometrics has a bad reputation regarding spoofing. In Hollywood, you will probably remember this sequence of the movie “The Bourne Ultimat...

Posted by Emilio Martinez, CEO