Table of Contents
From Hammurabi to Super Bowl
Human mind is explosively creative. So don’t be surprised to hear that biometrics have been around for literally millennia. For example, ancient Sumerians (c. 4500 – c. 1900 BC) didn’t have signatures. You can’t really have one when you have no fountain pen and a stockpile of bank cheques to sign.
Instead, they came up with a clever method to approve loans, deals and ancient mortgages: pressing a thumb onto a raw clay tablet. If, for example, one of the counterparties failed to deliver their part of an arrangement — like shipping a bunch of Egyptian chariots sheathed with gilded Baladi calf skin — they would be taken to court, identified through the fingerprint examination and financially punished.
Fingerprints aren’t the only modality to identify you with — modern biometrics have come up with a few brainy ways to do that. And many of them are so non-intrusive, like face antispoofing, you won’t even realize that you were just scanned, recognized and verified. Just like the Super Bowl guests in 2001 had no idea that their faces were under AI’s observation.
1. A keystroke of genius
You know how they say that every drummer has a unique style? It seems to check out: we can easily distinguish Bonham’s drum cannonades from the subtle and intelligent drumming technique of Nick Mason. Well, that rule applies not to percussion only.
The way we ‘drum’ on the computer keyboard is also distinguishable. Just like handwriting. A myriad of factors predetermines its uniqueness: our temperament, cognitive abilities, muscle memory, development level of fine motor skills, as well as a tendency to do mistypes. These are the qualities that have a degree of permanence, more or less.
It’s not a new discovery by any means. Keystroke dynamics were unknown to the telegraphy operators almost two centuries ago: they could easily identify who exactly was sending them dots and dashes. (And which mood that person was in and whether their morning coffee was satisfying or not).
The method was so foolproof, it was also used in WWII as part of the Fist of the Sender technique. The problem was that often enemy operators would pretend to be friendlies to deceive the high command with disinformation. However, knowing the code-typing patterns, tempo, and other quirks of the real friendly operators helped expose the imposters.
So, don’t be surprised. The way you type angry letters or enter a search query via your touchscreen tells a lot about you. Of course, your typing can be affected with, say, caprices of weather or a shock dose of caffeine. But still, it will have some constant elements that uniquely belong to your swift fingers.
2. Iris to replace IDs
Originally, Iris was the name of a rainbow goddess: Olympians used her to ‘DM’ important messages to mortals. Irises located in our eye also convey a lot of useful data. Actually, it is known that human iris has 240 unique biometric features — a whole armada of usable data if compared to just 16 key identification features that a human fingerprint has.
And you have two of them, which makes almost 500 identification points. If we do a little math — it was actually done for us — then we’ll see that a chance that a system identifies someone else as you after scanning their irises is… 1 in 1.4 million. Imagine if you had a magic coin that would drop on its edge only after 1.4 million tries — you’d need roughly three years of uninterrupted tossing to complete the task. (40,000 tosses, for example, required 75 only hours).
But human iris isn’t as simple as a three-sided coin. Pigmented rings, furrows and crypts form highly sophisticated patterns, which are made even more unique thanks to iris coloring predetermined by the melanin amount.
What makes iris recognition especially cool is that it’s not intrusive at all. At the same time, the average iris diameter is12 mm, which makes it much harder to photograph than a human face. A camera equipped with a telescopic lens can do the trick.
3. Are you breathing or not?
Breath is life. In biometrics this statement is one of the solidest truths ever written. By analyzing a person’s breathing patterns and pulse, an automatic system can expose fraudsters and even prevent rather gruesome attack scenarios.
First, breath pattern analysis helps to realize whether we’re dealing with a real human being or just a masterly designed puppet. Perpetrators have a rich arsenal of tricks and tactics to try and fool you or an AI.
For instance, they can wear a deepfake mask, applying a digital face manipulation. Such a mask can believably imitate someone’s likeness. It is also capable of repeating mouth movements and facial expressions of a culprit hiding behind. Potentially, it can be used to fool some important vis-à-vis during a live video call into giving away sensitive data or money.
That’s when antispoofing comes into play with Heart Rate Estimation. It analyzes color changes that occur in human skin when we breathe. They remain invisible to a naked eye, but a system sees them all!. If the face color of a subject remains strangely unchanged over the course of a minute (we breathe 8-16 times per minute) then it’s certainly a despicable deepfake puppetry.
Beware of Biometric Vultures
Biometrics are needed not to just confirm, but also protect your identity. Parameters of your body can’t be stolen — they are your unique possession from birth. But they can be observed, studied and replicated. Especially if you’re active online and enjoy posting selfies, videos from vacation or downloading mobile apps from shady vendors.
To learn more about potential threats and countermeasures, visit antispoofing.org — the first Wiki dedicated to biometric security. There you’ll learn about the latest advances in the area, promising researches, experiments, databases, and more.