Biometric fail

From here:

Cars of the future may use the driver’s rear end as identity protection, through a system developed at Japan’s Advanced Institute of Industrial Technology. A report surfaced earlier this month that researchers there developed a system that can recognize a person by the backside when the person takes a seat. The system performs a precise measurement of the person’s posterior, its contours and the way the person applies pressure on the seat. The developers say that in lab tests, the system was able to recognize people with 98 percent accuracy.

That’s not good enough. If you can’t drive your car one time out of 50 when the chances of your car being stolen are only once out of, say, ten years you are going to disable the feature.

Also 98% accuracy number was in lab tests. I have to wonder if those lab tests included people having different things in their pockets. If you normally drive with a wallet in your rear pocket and you hop in your car after a day at the beach with your wallet in a bag thrown into the back seat what are the odds then? Or if you change your carry gun, or move the holster a little to one side or the other. And it is going to have to adapt to weight gain and loss over time.

Biometrics have a lot of problems. It’s really tough to get the accuracy needed for everyday use because characteristics of people change. And the basic concept has two fundamental, closely related, security flaws.

One is that your biometric “key” is not well hidden. You leave a set of fingerprints on the glass at the restaurant, on door knobs, and on the keyboard at the library. And image of your iris can be captured with a telephoto lens while you walk down the sidewalk.

The other flaw is that in any secure system you must have a way of repudiating a set of credentials if they have been compromised. How do you repudiate an image of your iris or your fingerprints? At most you only have two eyes and ten fingerprints. And there are lots of gummy bears.

Biometric researchers attempt to block access to these flaws by performing “liveness” tests. The guys in the black hats are keeping up and my guess is, except for some very expensive solutions, they always will.

13 thoughts on “Biometric fail

  1. Worst case scenario: I’m in my Jeep. I’m with you and your kids, up in the mountains. We encounter a bear, and the bear bites off one of my ass cheeks. We all make it to the Jeep, ready to get away, while the bear deals with his sizeable mouthful.

    Sorry, we are all going to die.

  2. The glass is half-full on biometrics: how about all those great plot-lines in the action movies when the good guy is able to defeat the evil guy’s biometric protective system and get into the soopersekrit WMD laboratory? Without these plotlines, those movies would be for falling asleep to.

    • The classic answer is to steal the eyeball or hand. (See Rolf’s writings for a recent example.) For this particular concept, that would be harder to do.
      Then again, my reaction to the original article is that it’s a fraud. The body part in question doesn’t have enough distinguishing features for this to be a valid scheme.

    • Those movie plot devices are stupid anyway. A bimoetric is just a bitmap. I fake bitmaps for a living. it’s not that hard. As Joe noted, they can make a bitmap of, e.g., your iris, by taking a picture of it.

      M

    • In an early Mythbusters, they used a 3-D scanner to clone Kari’s behind.

  3. I think this is some overzealous ideology for using butt biometrics as some form of security by the researchers. I very much doubt any manufacturer will ever adopt this as a way to secure a car, because the, “what if” and reliability implications (as mentioned by other comments and this post) are too great.

    What I do see them doing is creating a scenario where you hop in to a car, it identifies you as Mr. or Mrs. Smith, and for a very limited number of profiles will restore the car to the settings you like. This would be the same stuff some luxury cars have today, but executed a different way to differentiate them from the other makes.

    • True. It replaces the simple and reliable way of connecting it to your remote control, by a complicated and unreliable way. Well, it gives me one more way to identify manufacturers to avoid.

  4. The Butt Constant Algorithm compares the stored butt dimensions and compensates for food intake, clothing, STP, changes in emotional state and answers the most asked question of the future. Does this car make my ass look big?

  5. Okay, I’ll Bite. They can’t come up with a better system to identify when an AS^#@LE gets behind the Wheel?

    I though that what Traffic Cams were supposed to do.

  6. As the Quality Gurus say:”If your heart worked perfectly 99.9% of the time you’d be dead only 8 and a half hours a year.”

  7. What alien said. This article reminds me of the joke about if passenger air travel had the cost and quality curve of computing power, and how frequently the airliner would crash, killing all on board as a analogue to losing all our data.

  8. Yep. I have never had a car stolen, but have driven a car thousands of times. I’d probably be dealing with 50-100 times where I couldn’t get to wotk because my car told me, “I’m sorry Dave, I can let you do that?”

    Also, the borrowing/lending of cars becomes a drag. We tend to bring that up with “smart guns”.

    Q: “But how are we supposed to take new shooters to the range do they can learn the sport?”

    A: “exactly”

Comments are closed.