Incident: Biometric Iris Scanners Vulnerable to Hacking via Reverse-Engineering

Published Date: 2012-07-26

Postmortem Analysis
Timeline
  1. The software failure incident of iris scanners being hackable was reported in an article published on July 26, 2012 [13313]. The incident therefore likely occurred around July 2012.

System
  The software failure incident described in the article involved the failure of biometric authentication systems, specifically fingerprint and iris scanning systems:
  1. Fingerprint authentication system
  2. Iris scanning system
  These systems failed due to vulnerabilities that allowed hackers to reverse-engineer digital templates of fingerprints and iris scans, creating gummy finger versions and reconstructed iris images to fool the authentication systems [13313].

Responsible Organization
  1. Cybercriminals [13313]

Impacted Organization
  1. Users relying on biometric identifiers like fingerprints and iris scans for authentication were impacted by the software failure incident [13313].

Software Causes
  1. The software cause of the failure incident was the vulnerability in the biometric scanning systems, specifically in the way the digital templates of fingerprints and iris scans were stored and used for authentication [13313].

Non-software Causes
  1. Lack of physical security measures in place to protect biometric data [13313]
  2. Vulnerabilities in the design and implementation of biometric scanning systems [13313]

Impacts
  1. The software failure incident revealed a significant vulnerability in biometric security systems that use iris scans and fingerprints for authentication [13313].
  2. The incident demonstrated that biometric data stored in digital templates can be reverse-engineered, allowing hackers to create fake fingerprints and iris scans to bypass security measures [13313].
  3. This vulnerability could potentially lead to unauthorized access to critical systems and accounts, compromising sensitive information and data security [13313].

Preventions
  1. Implementing multi-factor authentication alongside biometric identifiers could have prevented the software failure incident. By requiring an additional form of authentication such as a password or a security token, the system would have added an extra layer of security [13313].
  2. Regularly updating and patching the software used for biometric scanning could have helped prevent vulnerabilities from being exploited by hackers [13313].
  3. Conducting thorough security testing, including penetration testing, on the biometric scanning system to identify and address potential weaknesses before they can be exploited by malicious actors [13313].

Fixes
  1. Implementing additional layers of security alongside biometric authentication, such as multi-factor authentication, to enhance overall system security [13313].
  2. Regularly updating and patching the software used for biometric authentication to address vulnerabilities and improve security measures [13313].
  3. Conducting thorough security assessments and penetration testing on biometric systems to identify and address potential weaknesses before they can be exploited by hackers [13313].

References
  1. Researchers at the University of Bologna in Italy [13313]
  2. Javier Galbally, a researcher at the Universidad Autonoma of Madrid, Spain [13313]

Software Taxonomy of Faults

Each entry below gives the taxonomy category, the selected option, and the rationale.

Recurring
  Option: one_organization
  Rationale: (a) The software failure incident related to the vulnerability of biometric scanners, specifically iris scanners, has happened again within the same organization or with its products and services. The article discusses how researchers at the Universidad Autonoma of Madrid, Spain, were able to hack into an iris scanning system by reconstructing an eyeball from a digital iris template, showing an 87% success rate at the Black Hat cybersecurity conference in Las Vegas [13313]. This indicates a recurring issue with the security of biometric scanners within the same organization or research community.

Phase (Design/Operation)
  Option: design, operation
  Rationale: (a) The software failure incident related to the design phase is evident in the article, as researchers were able to reconstruct fingerprints and iris scans from digital templates stored in computers. This indicates a vulnerability in the design of the biometric systems, where the digital templates were not secure enough to prevent reverse-engineering [13313]. (b) The software failure incident related to the operation phase is highlighted in the article, where researchers demonstrated how they could manipulate the iris scanning system by creating a fake iris image from the stored iriscode. This manipulation allowed them to gain access to the system with a high success rate, showcasing a flaw in the operation of the iris scanning system [13313].

Boundary (Internal/External)
  Option: within_system
  Rationale: (a) within_system: The software failure incident discussed in the article is related to the vulnerability of biometric scanners, specifically iris scanners, to hacking techniques that involve reverse-engineering digital templates stored within the system. Researchers were able to reconstruct fingerprints and iris scans from these digital templates, allowing them to create gummy finger versions or fake iris images to fool the system into granting unauthorized access. This vulnerability originates from within the system's design and implementation of biometric authentication technology [13313]. (b) outside_system: The software failure incident does not directly involve contributing factors originating from outside the system. The vulnerability exploited by the researchers was inherent to the way biometric data was stored and processed within the system itself, rather than being caused by external factors or attacks [13313].

Nature (Human/Non-human)
  Option: non-human_actions, human_actions
  Rationale: (a) The software failure incident related to non-human actions in this case is the vulnerability of biometric scanners, specifically iris scanners, to hacking techniques. Researchers were able to reconstruct a fingerprint from a digital template stored in a computer and create gummy finger versions to fool the system. Similarly, they were able to create an eyeball from a digital iris template to bypass iris scanning systems. These vulnerabilities were exploited without direct human involvement in the scanning process, highlighting the non-human actions leading to the software failure incident [13313]. (b) The software failure incident related to human actions in this case involves the actions of cybercriminals or hackers who exploited the vulnerabilities in biometric scanners. By using hacking skills and techniques, these individuals were able to manipulate the digital templates of fingerprints and iris scans to gain unauthorized access to systems. The human actions of these hackers directly contributed to the failure of the biometric scanning systems, showcasing the impact of human actions on software security incidents [13313].

Dimension (Hardware/Software)
  Option: hardware, software
  Rationale: (a) The software failure incident related to hardware can be seen in the article, where researchers were able to reconstruct a fingerprint from the digital template stored in a computer. They were successful in creating gummy finger versions of the prints that could be used to fool the computer into letting them into someone else's account [13313]. (b) The software failure incident related to software can be observed in the article, where researchers were able to build an eyeball from a digital iris template, despite the complexity of the human iris. By manipulating the stored iriscode and feeding it back into the system, they were able to gain access with an 87% success rate, highlighting a vulnerability in the iris scanning systems that should be addressed [13313].

Objective (Malicious/Non-malicious)
  Option: malicious
  Rationale: (a) The software failure incident described in the article is malicious in nature. It discusses how researchers were able to hack into biometric systems using reverse-engineering techniques to create fake fingerprints and iris scans, allowing unauthorized access to someone else's account. The article highlights the vulnerabilities in biometric scanners that can be exploited by cybercriminals with hacking skills [13313].

Intent (Poor/Accidental Decisions)
  Option: poor_decisions
  Rationale: (a) The software failure incident discussed in the article highlights a vulnerability in biometric scanners, specifically iris scanners, due to poor design decisions. Researchers were able to demonstrate how iris scanners could be hacked by reconstructing an eyeball from a digital iris template, allowing unauthorized access to systems. The vulnerability stemmed from the fact that the iris scanning system did not verify that the image being presented was a real human eye, indicating a flaw in the system's design [13313].

Capability (Incompetence/Accidental)
  Option: development_incompetence
  Rationale: (a) The software failure incident related to development incompetence can be seen in the article, where researchers were able to reconstruct a fingerprint from the digital template stored in a computer, allowing them to create gummy finger versions that could fool the computer into letting them into someone else's account. This highlights a vulnerability in the biometric system that was not adequately addressed during development [13313]. (b) The software failure incident related to accidental factors can be observed in the article, where researchers at the Universidad Autonoma of Madrid, Spain, accidentally discovered a way to create an eyeball from a digital iris template, allowing them to successfully get into the system with an 87% success rate. This accidental discovery exposed a vulnerability in the iris scanning system that was not intentionally designed or anticipated [13313].

Duration
  Option: temporary
  Rationale: The software failure incident described in the article [13313] pertains to the vulnerability of biometric scanners, specifically iris scanners, to hacking. This incident can be categorized as a temporary failure. The article explains how researchers were able to successfully hack into the system by reverse-engineering the digital templates used for iris scans, allowing them to gain access with an 87% success rate. This vulnerability highlights a specific circumstance in which the system can be compromised through a certain method of manipulation, rather than being permanently flawed due to inherent design issues.

Behaviour
  Option: omission, value, other
  Rationale: (a) crash: The articles do not mention a software failure incident related to a crash, where the system loses state and does not perform any of its intended functions. (b) omission: The software failure incident described in the articles is related to omission. The failure occurred because the system omitted to perform its intended functions at one or more instances. Specifically, the iris scanning systems failed to properly verify the authenticity of the scanned biometric data, allowing unauthorized access [13313]. (c) timing: The articles do not mention a software failure incident related to timing, where the system performs its intended functions correctly but too late or too early. (d) value: The software failure incident described in the articles is related to a failure in value. The system performed its intended functions incorrectly, leading to a security vulnerability where unauthorized access could be gained using manipulated biometric data [13313]. (e) byzantine: The articles do not mention a software failure incident related to byzantine behavior, where the system behaves erroneously with inconsistent responses and interactions. (f) other: The other behavior observed in the software failure incident described in the articles is related to a flaw in the system's authentication process. Despite the use of biometric identifiers like fingerprints and iris scans, the system failed to adequately verify the authenticity of the scanned data, allowing for potential exploitation through manipulated biometric templates [13313].

IoT System Layer

Each entry below gives the IoT layer, the selected option, and the rationale.

Perception
  Option: None
  Rationale: None

Communication
  Option: None
  Rationale: None

Application
  Option: None
  Rationale: None

Other Details

Each entry below gives the category, the selected option, and the rationale.

Consequence
  Option: theoretical_consequence, other
  Rationale: (a) death: People lost their lives due to the software failure - unknown. (b) harm: People were physically harmed due to the software failure - unknown. (c) basic: People's access to food or shelter was impacted because of the software failure - unknown. (d) property: People's material goods, money, or data were impacted due to the software failure - unknown. (e) delay: People had to postpone an activity due to the software failure - unknown. (f) non-human: Non-human entities were impacted due to the software failure - unknown. (g) no_consequence: There were no real observed consequences of the software failure - unknown. (h) theoretical_consequence: Potential consequences of the software failure that did not occur were discussed - The article discusses the potential consequence of bad actors resorting to gruesome measures like chopping off fingers and cutting out eyeballs to break into critical systems, but it is mentioned that they don't need the original sample at all, just some hacking skills and a printer [13313]. (i) other: Were there consequences of the software failure not described in options (a) to (h)? What were they? - The article highlights the vulnerability in biometric scanners, specifically iris scanning systems, which could potentially lead to unauthorized access to critical systems [13313].

Domain
  Option: information
  Rationale: (a) The failed system in the article was related to the information industry, as it discussed the vulnerability of biometric identifiers like fingerprints and iris scans used for logging into critical systems [13313].

Sources
