Charlie's Diary

[ Site Index] [ Feedback ]

Sat, 08 Oct 2005

Imaginary crimes

Predicting the future isn't actually the core of an SF writer's job, although it's what everybody seems to expect us to try -- and fail -- to do.

On the other hand, it's a fun hobby and sometimes you get one right. And the flipside of it is, it's often easier to spot an on-coming clusterfuck than a successful new technology.

Regular readers of this blog will know that I have a serious down on national identity cards and biometric authentication technologies. One of my reasons for disliking these technologies (besides the obvious one that biometrics all assume human beings are invariant over time -- we aren't, we're squishy things that change shape -- and mechanising identity recognition in this way is merely going to replace one category of recognition error with a range of new and exciting new ones) is that the deployment of biometrically authenticated ID by the state, backed by (presumably) the best systems they can afford, will legitimize biometric ID in the public perception, leading to all sorts of other abuses.

If you wonder what this has to do with you, let me give you an example of an inappropriate use of biometric ID, and a form of identity fraud that doesn't exist yet but that could wipe out your bank account in five years' time.

American corporations have a touching faith in better living through technology, and Pay By Touch Solutions and their rivals Biopay are no exceptions. As The Register explains, these companies want you to register your fingerprints and bank account details with them. You will then be able to purchase goods from stores participating in their network by simply typing in your bank account number and using your fingerprint to authenticate that you are, really and truly, the account holder.

As the director of Pay by Touch told The Register, "the primary reason consumers sign up is for convenience," ... "They don't need a wallet or purse. When it become more ubiquitous, consumers won't have to carry cards around."

Note that the fingerprint authentication companies don't actually send a snapshot of your fingerprint from the finger reading terminal to the corporate database for checking: they digitize it, create a set of forty variables that are defined by your print, and compare them to the database contents. But they keep your fingerprints on file all the same.

Now, there are some minor obvious flaws with any fingerprint reading system, starting with: don't use it when you've just been swimming. (Your skin swells up, obscuring your prints.) Don't use it if you've got eczema (I've got it, and it periodically wipes 20-30% of my fingerprints for a period of months or years). Don't burn your fingertip on the cooking range or you won't be able to buy any plasters. Wash your hands after every payment (after all, you don't think the shops will wipe down their readers every minute, do you? And the guy before you was probably scratching his ass right before he paid.) You'll have no joy using it if you're an amputee either ... but I digress.

One huge problem with this system is that if a criminal entrepreneur can figure out a way of faking out fingerprint readers, and can get their hands on a copy of your fingerprints and your bank account info, you are in a world of hurt.

Think it's impossible? Think again. A couple of enterprising students at Yokohama National University demonstrated, a couple of years ago, that it's trivially easy -- a kitchen worktop job, basically -- to cook up a "fake finger" that will fool a biometric scanner. Here's their paper on faking fingerprint readers.

A number of refinements to their techniques suggest themselves immediately. Suppose you are the criminal entrepreneur I mentioned earlier, and thanks to some discreet blackmail you've gotten hold of a backup DVD containing a database of fingerprint photographs and their associated bank account numbers. What can you do with it?

First you buy a gizmo called a 3D printer. 3D printers are tools for manufacturing three dimensional models out of resin, wax, sintered metal, or other substances; here's an overview of current desktop rapid prototyping tools, priced from US $7500 to $50,000. (Don't worry about the cost, your victims are the ones who'll pay for it.) I'd probably look into the Roland MDX-15/20 if I was doing this. The requirement is simple: you want a machine that you can feed a CAD diagram to, and which will then mill you a small metal mold -- the MDX-15 and MDX-20 are sold as "ideal for jewelry and model making", which I guess this job qualifies as.

Second, you or your accomplices in crime figure out a way of importing the fingerprint images into a CAD application. You're going to need to put some programming effort into this because what you want to do is to make a mold suitable for casting latex or silicone finger cots (dyed flesh-tone, naturally) engraved with a negative of the fingerprint.

Finally, you need a scheme that will allow you to deploy your fingerprint-reader-fooling bank fraud profitably. Because I don't want to encourage criminality I'm not going to give you one, but I can think of two right off the top of my head that drastically reduce the risk of being caught while maximizing the revenue stream. Hint: if you can turn the printed finger cots out on a production-line basis and package them, you've got something the size and shape of a sealed condom that you can sell for a thousand dollars a pop.

Now, it so happens that the Matsumoto dude's paper did not go unnoticed back in 2002. Everyone who's serious about fingerprints as a biometric is now looking at the next step: verifying that the fingerprint is attached to a finger. (Wax dummies need not apply.) But the main techniques -- an infrared camera to check that the finger is at body temperature, with bone and blood vessels -- won't work against a molded finger cot. You'd also need to check that the surface in contact with the scanner is skin. Which leads to the next logical escallation: fingerprint-modification.

It's not hard to modify your fingerprints temporarily. Just put your hand in a bowl of warm (or cold: warm is more comfortable) water for half an hour, then look at your pinky. It's wrinkled, right? After a period of immersion your skin absorbs water and swells. Now, I'd like you to imagine that rather than immersing your hand in water, you've immersed your pinky in a finger-cot molded with someone else's fingerprints -- with an irritant or inflammatory in the grooves but not on the ridges (possibly some formulation containing a small amount of a mustard agent). Your fingertip will become sore -- but the swelling will not be evenly distributed: it will follow the pattern of someone else's fingerprint.

This latter step is more speculative, but I see no reason why it can't be done. And short of going way beyond simple fingerprinting, to include iris recognition or DNA scanning or whatever, there's no easy way of preventing it.

There are two selling points in fingerprints-for-paying-for-groceries. One selling point is to you, the public: it's convenient. And the dirty little secret they won't tell you is that the selling point for the grocery stores is, it's cheap. Cheaper than credit card readers, faster, or simply packs more customers in because of the perceived convenience factor. Security is not a selling point for biometrics, other than in the most tenuous magical-thinking manner. And you can bet that those global databases of fingerprints and account numbers are going to be a huge target for every hacker on the planet, simply because of their value.

Security god Bruce Schneier said, "a decade ago, no one really knew what use a database of a million credit card numbers would be - turns out you can do a lot of things with it." ... "Right now, we are not at the point that there are obvious uses of fingerprint, but 'I don't know' is not a good response when discussing security threats." Personally, I think Bruce is an optimist. You can walk into a WalMart today, drop a thousand pounds, and walk out with a computer, scanner, and software that would allow you to forge any US banknote in circulation back in the 1980s with minimal risk of trivial detection. Another few years and you'll be able to buy a computer that can crack 1999's 60-bit SSL encrypted credit card transactions in minutes or hours.

The pace of change is accelerating in biometrics: I reckon the gap between payment mechanisms coming on the scene and powerful tools for cracking them reaching consumer-level prices may be as little as five to ten years. It's reasonable to suppose that the current arms race between police and thieves will continue: after all, the more trust we place in any identification technology, the more valuable an exploit that invalidates it will become. And yesterday's centralized biometric database is tomorrow's criminal identity hacking accessory.

Final note. It is getting one hell of a lot too easy to pick up fingerprints. Here's an educational latent fingerprint kit you can buy online, with enough material to take twenty sets of prints; here's where the cops buy theirs. If I were you, I'd take to wearing gloves whenever I go out in public! In fact, I think that might just be one of the whacky social changes I throw into my next SF novel, ten years hence: all the banking IT geeks will have added silk gloves to their work wardrobe. Ten years after that they'll all be into ceramic terylene bourkas to reduce the risk of DNA leakage -- but that's another story.

[Discuss criminal futures]

posted at: 13:27 | path: /sing | permanent link to this entry


Is SF About to Go Blind? -- Popular Science article by Greg Mone
Unwirer -- an experiment in weblog mediated collaborative fiction
Inside the MIT Media Lab -- what it's like to spend a a day wandering around the Media Lab
"Nothing like this will be built again" -- inside a nuclear reactor complex

Quick links:

RSS Feed (Moved!)

Who am I?

Contact me

Buy my books: (FAQ)

Missile Gap
Via Subterranean Press (US HC -- due Jan, 2007)

The Jennifer Morgue
Via Golden Gryphon (US HC -- due Nov, 2006)

Via (US HC -- due June 30, 2006)

The Clan Corporate
Via (US HC -- out now)

Via (US HC)
Via (US PB -- due June 27, 2006)
Via (UK HC)
Via (UK PB)
Free download

The Hidden Family
Via (US HC)
Via (US PB)

The Family Trade
Via (US HC)
Via (US PB)

Iron Sunrise
Via (US HC)
Via (US PB)
Via (UK HC)
Via (UK PB)

The Atrocity Archives
Via (Trade PB)
Via (Trade PB)
Via Golden Gryphon (HC)
Via (HC)
Via (HC)

Singularity Sky
Via (US HC)
Via (US PB)
Via (US ebook)
Via (UK HC)
Via (UK PB)


Some webby stuff I'm reading:

Engadget ]
Gizmodo ]
The Memory Hole ]
Boing!Boing! ]
Futurismic ]
Walter Jon Williams ]
Making Light (TNH) ]
Crooked Timber ]
Junius (Chris Bertram) ]
Baghdad Burning (Riverbend) ]
Bruce Sterling ]
Ian McDonald ]
Amygdala (Gary Farber) ]
Cyborg Democracy ]
Body and Soul (Jeanne d'Arc)  ]
Atrios ]
The Sideshow (Avedon Carol) ]
This Modern World (Tom Tomorrow) ]
Jesus's General ]
Mick Farren ]
Early days of a Better Nation (Ken MacLeod) ]
Respectful of Otters (Rivka) ]
Tangent Online ]
Grouse Today ]
Hacktivismo ]
Terra Nova ]
Whatever (John Scalzi) ]
Justine Larbalestier ]
Yankee Fog ]
The Law west of Ealing Broadway ]
Cough the Lot ]
The Yorkshire Ranter ]
Newshog ]
Kung Fu Monkey ]
S1ngularity ]
Pagan Prattle ]
Gwyneth Jones ]
Calpundit ]
Lenin's Tomb ]
Progressive Gold ]
Kathryn Cramer ]
Halfway down the Danube ]
Fistful of Euros ]
Orcinus ]
Shrillblog ]
Steve Gilliard ]
Frankenstein Journal (Chris Lawson) ]
The Panda's Thumb ]
Martin Wisse ]
Kuro5hin ]
Advogato ]
Talking Points Memo ]
The Register ]
Cryptome ]
Juan Cole: Informed comment ]
Global Guerillas (John Robb) ]
Shadow of the Hegemon (Demosthenes) ]
Simon Bisson's Journal ]
Max Sawicky's weblog ]
Guy Kewney's mobile campaign ]
Hitherby Dragons ]
Counterspin Central ]
MetaFilter ]
NTKnow ]
Encyclopaedia Astronautica ]
Fafblog ]
BBC News (Scotland) ]
Pravda ]
Meerkat open wire service ]
Warren Ellis ]
Brad DeLong ]
Hullabaloo (Digby) ]
Jeff Vail ]
The Whiskey Bar (Billmon) ]
Groupthink Central (Yuval Rubinstein) ]
Unmedia (Aziz Poonawalla) ]
Rebecca's Pocket (Rebecca Blood) ]

Older stuff:

June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002
April 2002
March 2002
(I screwed the pooch in respect of the blosxom entry datestamps on March 28th, 2002, so everything before then shows up as being from the same time)

[ Site Index] [ Feedback ]

Powered by Blosxom!