There are several known system and methods to ensure that a user trying to access a device is trusted and/or correctly identified, such as passwords, electronic keys and the like. Recently, biometric technologies have become commonplace, such as fingerprints and iris recognition. Iris recognition is considered one of the most trusted authentication technologies. Iris recognition is for example used as an alternative to standing in the line showing your passport in United Arab Emirates and at Amsterdam airport. The technology is based on comparing an image of the iris with a stored template. Typically only a 1 mega pixel camera is required with a removed IR filter, and an IR diode. Recently iris recognition has also started appearing in mobile communication devices, e.g. smartphones. A related technology is sclera recognition where the blood vessels of the eye white is scanned.
Artificial eyes in the form of porcelain, or lenses with a printed iris or sclera are known ways of attacking iris or sclera based security. One way of mitigating this is to add a text to read for the user while monitoring the eye movements. Thus the system verifies if it is a human eye by detecting typical reading patterns. This added security measure of detecting and verifying eye movements may be attacked by simulating such eye movement by using a camera with OCR detection to detect the text and a motor that control an artificial eye to simulate reading eye movements. Alternatively, the OCR detection could be used with a projection of an eye on a curved surface or display for simulating the eye movement.
Hence, there is still a general desire to provide a solution which may correctly identify a user attempting to access a device while making it more difficult to imitate the user in order to prevent access for unauthorized users.