Assessing vulnerability of dorsal hand-vein verification system to spoofing attacks using smartphone camera

Abstract

This paper investigates vulnerability of the dorsal hand-vein biometric systems to display based presentation attacks. The database collected for our experiments consists of624 real and 312 spoof images from left and right hands of 52 subjects, of which 32 are males and 20 are females. In order to assess the vulnerability of the system, we have created artefacts in a more realistic scenario assuming no access to real images in the database. Specifically, a smart-phone camera is used to capture user's hand images, which are then displayed on its screen and presented to the biometric sensor as artefacts. Scale invariant feature transform (SIFT) based image descriptors are employed for image matching. For detection of keypoints, we have considered three techniques, namely, difference of Gaussian (DoG), Harris-Laplace and Hessian-Laplace and performed comparative assessment of vulnerability. Worst-case vulnerability of these approaches in terms of spoof false acceptance rate (SFAR) has been found to be 61.8%, 46.1% and 49.03%, respectively. SFAR values obtained in our experiments are too high to be acceptable for real-world deployments and indicate that dorsal hand-vein biometric systems are also vulnerable to spoofing attacks.