TABULA RASA is the intriguingly-named effort by the European Commission to make biometric systems practically hack-proof.
Fingerprint and facial biometric systems are especially prone to direct attacks, also known as spoofs. A spoof works just like in the movies: the bad guys falsify a biometric trait (like, somebody’s fingerprint) and present it to the biometric system to gain access to the bank vault or robot factory. This is actually do-able by copying the person’s fingerprint and creating an artificial (or gummy) finger.
Surprisingly, TABULA RASA claims that the spoofing issue doesn’t just affect large companies with advanced security. In fact, it’s also hitting emerging small and medium sized enterprises that wish to sell biometric technologies in emerging fields.
Seeking justice, the TABULA RASA project hopes to address the need for a draft set of standards to examine the spoofing problem and propose countermeasures such as combining biometric information from multiple sources.
They’re also hoping to examine novel biometrics that may be inherently robust to direct attacks. These might include vascular (vein) biometrics, electro-physiological signals like heartbeat (very cool), or even unique gait. Not surprisingly, all these have the potential to be harder to replicate than an iris or fingerprint.