Can Cosmetic and Plastic Surgery Spoof the Security of Biometrics?
The following is a guest post from Dr. Simon Weight in Perth, Australia.
Biometrics have long been hailed as fool-proof. While they do provide a high degree of security, they can be bypassed just like any security mechanism.
The most prominent way that biometrics can be bypassed is through the use of cosmetic and plastic surgery. This can allow certain types of susceptible systems to return false positives when surgery tailors certain physical traits of a person to match those that an algorithm searches for.
A Practical Example of Biometrics Being Bypassed
The best way to answer “Can it be done?” is to look at a time when biometrics have been bypassed.
In December of 2009, a Chinese woman in Japan name Lin Rong was able to bypass biometrics put in place by Japanese controls to essentially give her an entirely new identity. She accomplished this by having an illegal surgery that swapped skin grafts of her fingers.
The Japanese authorities reported that this type of bypass is a practice likely to be widespread among illegal immigrants in Japan.
Faking Facial Recognition
While it’s one thing to confuse a system based on biometrics, it’s an entirely different thing to attempt to fake one’s identity as another person. This may be possible with implants or other simple surgeries that alter the way that fingerprints work.
The true test concerning biometrics being faked is if facial recognition can be bypassed.
The surprising answer is that it can be in some instances. A comprehensive facial recognition program that searches for multiple vectors can be used to safe guard against this problem as well, but that will be addressed later.
To understand the challenges presented by cosmetic and plastic surgery as it applies to facial recognition, it’s important to understand that there are two types of cosmetic surgery: local and global surgery.
The former alters one local feature, such as the nose, while the latter alters the entire facial structure. This can make predicting change due to plastic surgery nearly impossible due to the fact that information on such surgery is likely unavailable.
An Imperfect Solution
Individual algorithms that attempt to address the issues that plastic surgery can present with regards to facial recognition are nowhere near perfect on their own. The algorithm with the lowest accuracy rating for predicting cosmetic surgery changes is the Principle Component Analysis (PCA) algorithm with a success rate of 29.1%, and the highest is the Neutral Network Architecture-Based 2-D Log Polar Gabor Transform (GNN) with a success rate of 54.2%.
The best strategy to use is to employ several algorithms into a facial recognition biometrics system. This allows multiple vectors to be checked, which in turn makes it significantly harder to falsify biometrics readings. It’s essential to ensure you’ve chosen the correct plastic surgeon, and that they’re up to the job.
The lowest computed value of any given employed algorithm can then be used to assess if an individual has undergone plastic surgery. This allows for the maker of a biometrics system to employ a risk analysis for subjects that matches the level of security required by the system.
At worst, this will require that a valid employee have their facial recognition credentials qualified again while keeping possible intruders out of areas they aren’t supposed to have access to.
While this method is imperfect, as it relies upon at least one feature resulting in a positive or close match, it’s a better solution than none at all. Future techniques may make it easier for one face to be compared to another with more accurate results.
This post comes from the writing team at Dr. Simon Weight’s clinic in Perth. Dr. Simon is an expert in cosmetic surgeries, although he does advise obtaining a new passport if you’ve had considerable facial work done.
2 thoughts on “Can Cosmetic and Plastic Surgery Spoof the Security of Biometrics?”
This is a fascinating outlook on plastic surgery. I have seen it often only considered for improved features on ones body, but to use as a tool for shenanigans? never. I am curious what the next big security measure will be? Up until now iris scanners and thumb print scanners have been hailed as the future.
It is true that biometric security measures can be bypassed through the use of cosmetic and plastic surgery, especially if the surgery is used to alter local or global facial features. Facial recognition programs can also be bypassed through plastic surgery, particularly global facial surgery that alters the entire facial structure. This type of surgery makes it difficult to predict how a person’s face will change, making it more challenging for facial recognition algorithms to identify a person. To overcome these challenges, more comprehensive facial recognition programs that search for multiple vectors can be used to safeguard against bypassing biometric security. Additionally, regular updates and improvements to biometric systems and security protocols can help to mitigate the risks of cosmetic and plastic surgery being used to spoof biometrics.