Field of the Invention
This invention relates generally to the field of data processing systems. More particularly, the invention relates to a system and method for performing eye tracking techniques to improve authentication.
Description of Related Art
Systems have been designed for providing secure user authentication over a network using biometric sensors. In such systems, the score generated by the application, and/or other authentication data, may be sent over a network to authenticate the user with a remote server. For example, Patent Application No. 2011/0082801 (“'801 Application”) describes a framework for user registration and authentication on a network which provides strong authentication (e.g., protection against identity theft and phishing), secure transactions (e.g., protection against “malware in the browser” and “man in the middle” attacks for transactions), and enrollment/management of client authentication tokens (e.g., fingerprint readers, facial recognition devices, smartcards, trusted platform modules, etc).
In general, authentication techniques are robust against spoofing if (a) secret information is used for authentication or (b) it is hard to produce a fake input. Most systems today rely on password-based authentication. Passwords are easy to reproduce, so they need to be kept secure. Consequently, password attacks typically focus on gaining access to a user's password. Recent attacks have demonstrated the vulnerability of servers on which the passwords are stored for verification.
In contrast to password-based authentication, when using biometrics for authentication, the biometric information typically is public. For example, a fingerprint can be retrieved from (almost) any object touched by the user. Similarly, a user's face is typically not hidden and hence can be seen and captured by anyone and is often published on social networks.
In the real world, we can rely on our own recognition abilities when we see a person, because it is hard to “produce” another person having the same biometric characteristics. For example, it is still hard to “produce” another person having the same face and mannerisms. This is why governments include pictures of the face in passports, ID cards, drivers licenses and other documents. In the virtual world, however, we don't have to “produce” another person with the same face in order to spoof the system, but only something that the computer would recognize such as a picture of the face. In other words, “[t]he moral is that biometrics work well only if the verifier can verify two things: one, that the biometric came from the person at the time of verification, and two, that the biometric matches the master biometric on file” (see Reference 1 from the list of references provided prior to the claims of the present specification).
In the past, research on automatic face recognition has focused on reliable recognition of faces using still images and video. See, e.g., Reference 2 below. Several relatively robust face recognition techniques exist and systems are commercially available today (see Reference 3). However, little attention has been paid to “liveness” detection, i.e., “verification . . . that the biometric matches the master biometric on file.” In several use cases, spoofing protection is either not required or it is still being performed by humans (e.g., for law enforcement applications).
The ubiquity of cameras in computing devices such as notebooks and smart phones on one hand, and the weakness of passwords as the most prevalent authentication method on the other hand, drive the adoption of biometric authentication methods in general, and face recognition in particular. The first large scale “trial” of face recognition as an authentication method was done in Google Android 4 (aka, “Ice Cream Sandwich”) and was based on still image recognition. These techniques can be fooled easily with photographs (See Reference 4). Even improved methods which include some sort of liveness detection in Android 4.1 (aka, “Jelly Bean”) can easily be spoofed by presenting two photos in a sequence, one with open eyes and an electronically modified one with closed eyes on a computer display to the camera (see Reference 5).
Though it can be argued that this weakness is due to resource limitations on mobile devices, it also appears that commercial software available for PCs and even the research of anti-spoofing detection is not yet very mature. The assignee of the present application performed tests with PC-based face recognition software which confirms this finding:
Cogent BioTrust 3.00.4063, operated on a Windows 7® based Samsung Series 5® Notebook, performs no liveness check at all, even with security settings set to “high.” A simple face image, displayed on a normal computer monitor was sufficient to successfully spoof the system.
KeyLemon 2.6.5, operated on a Macbook Air® performs simple blink tests as liveness check. It can be successfully spoofed by displaying a sequence of 3 images: (1) a real image of the face (e.g., created by a web cam); (2) a modification of the real image, where the eyes have been re-colored to look as if they are closed; (3) the real image again.
Anti-Spoofing detection is not part of standard tests such as the NIST biometric vendor tests when comparing different algorithms. See, e.g., References 6-8. One of the first known public competitions, organized by several researchers in 2011 (see Reference 9) showed early success of some algorithms, but it was based on videos with a resolution of 320×240 pixels. Typical computing devices provide resolutions of the front-facing cameras of at least 640×480 pixel.
FIG. 1 illustrates an exemplary client 120 with a biometric device 100 for performing facial recognition. When operated normally, a biometric sensor 102 (e.g., a camera) reads raw biometric data from the user (e.g., snaps a photo of the user) and a feature extraction module 103 extracts specified characteristics of the raw biometric data (e.g., focusing on certain facial features, etc). A matcher module 104 compares the extracted features with biometric template data 110 stored in a secure storage on the client 120 and generates a score and/or a yes/no response based on the similarity between the extracted features and the biometric template data 110. The biometric template data 110 is typically the result of an enrollment process in which the user enrolls a facial image or other biometric data with the device 100. An application 105 may then use the score or yes/no result to determine whether the authentication was successful.
There are multiple potential points of attack in order to spoof a facial recognition system (see References 10, 11), identified in FIG. 1 as (1)-(8). There are well known protection mechanisms for ensuring the integrity of the biometric templates (6) (e.g., by using electronic signatures) and protecting the integrity of feature extraction (3), feature vector (4), the matcher (5) and its final result (8) (e.g., by applying a combination of (a) white box encryption methods, (b) code obfuscation and (c) device binding).
Protection mechanisms against replaying old captured data to the feature extraction unit (2) are (at least theoretically) covered by the approach of the Trusted Computing Group and by potential extensions to ARM TrustZone. Basically, the approach is to add cryptographic protection mechanisms (e.g. HMAC or electronic signatures) to the sensor and encapsulate the sensor in a tamper proof way, similar to the protection mechanisms used in current smart card chips. The feature extraction engine could then verify the integrity of the incoming data.