SIST-TS CEN/TS 18099:2025
(Main)Biometric data injection attack detection
Biometric data injection attack detection
This document provides an overview on:
- Definitions on Biometric Data Injection Attack,
- Biometric Data Injection Attack use case on main biometric system hardware for enrolment and verification,
- Injection Attack Instruments on systems using one or several biometric modalities.
This document provides guidance on:
- System for the detection of Injection Attack Instruments (defined in 3.12),
- Appropriate mitigation risk of Injection Attack Instruments,
- Creation of test plan for the evaluation of Injection Attack Detection system (defined in 3.9).
If presentation attacks testing is out of scope of this document, note that these two characteristics are in the scope of this document:
- Presentation Attack Detection systems which can be used as injection attack instrument defence mechanism and/or injection attack method defence mechanism. Yet, no presentation attack testing will be performed by the laboratory to be compliant with this document (out of scope).
- Bona Fide Presentation testing in order to test the ability of the Target Of Evaluation to correctly classify legitimate users.
The following aspects are out of scope:
- Presentation Attack testing (as they are covered in ISO/IEC 30107 standards),
- Biometric attacks which are not classified as Type 2 attacks (see Figure 1),
- Evaluation of implementation of cryptographic mechanisms like secure elements,
- Injection Attack Instruments rejected due to quality issues.
Digitale Präsentationsangriffe in biometrischen Systemen
Dieses Dokument bietet eine Übersicht über:
- Definitionen zu Injektionsangriffen mit biometrischen Daten,
- Anwendungsfälle zu Injektionsangriffen mit biometrischen Daten auf wesentliche, für Enrolment und Verifizierung genutzte Hardwarekomponenten von biometrischen Systemen,
- Instrumente für Injektionsangriffe auf Systeme, die eine oder mehrere biometrische Modalitäten nutzen.
Dieses Dokument bietet einen Leitfaden für:
- System zur Detektion von Injektionsangriffsinstrumenten (definiert in 3.12),
- Angemessene Risikominderung für Injektionsangriffsinstrumente,
- Erstellung eines Prüfplans für die Evaluierung eines Systems zur Detektion von Injektionsangriffen (definiert in 3.9).
Prüfungen zu arglistigen Präsentationen gehören zwar grundsätzlich nicht zum Anwendungsbereich dieses Dokuments, die folgenden beiden Charakteristika liegen jedoch im Anwendungsbereich dieses Dokuments:
- Systeme zur Detektion von arglistigen Präsentationen, die als Mechanismus zur Abwehr von Injektionsangriffsinstrumenten und/oder Mechanismus zur Abwehr von Injektionsangriffsmethoden verwendet werden können. Es werden jedoch keine Prüfungen zu arglistigen Präsentationen von dem Labor durchgeführt, um Compliance mit diesem Dokument herzustellen (außerhalb des Anwendungsbereichs).
- Prüfungen zu Präsentationen in gutem Glauben zur Überprüfung der Fähigkeit des Evaluierungsgegenstands, rechtmäßige Benutzer korrekt zu klassifizieren.
Die folgenden Aspekte liegen außerhalb des Anwendungsbereichs:
- Prüfungen zu arglistigen Präsentationen (wie in den Normen der Reihe ISO/IEC 30107 behandelt),
- Biometrische Angriffe, die nicht als Angriffe des Typs 2 klassifiziert sind (siehe Bild 1),
- Evaluierung der Implementierung von kryptographischen Mechanismen wie Sicherheitselementen,
- Injektionsangriffsinstrumente, die aufgrund von Qualitätsproblemen zurückgewiesen wurden.
Détection d’attaques par injection de données biométriques
Le présent document donne un aperçu général de ce qui suit :
- les définitions relatives à l'attaque par injection de données biométriques ;
- les cas d'utilisation d'une attaque par injection de données biométriques sur le matériel principal du système biométrique pour l'enrôlement et la vérification ;
- les instruments d'attaque par injection sur des systèmes utilisant une ou plusieurs modalités biométriques.
Le présent document fournit des recommandations concernant :
- le système de détection des instruments d'attaque par injection (définis en 3.12) ;
- le risque d'atténuation approprié des instruments d'attaque par injection ;
- la création d'un plan d'essai pour l'évaluation du système de détection d'attaque par injection (défini en 3.9).
Les essais d'attaques de présentation ne relèvent pas du domaine d'application du présent document, contrairement aux deux caractéristiques suivantes :
- les systèmes de détection des attaques de présentation qui peuvent être utilisés comme mécanisme de défense contre les instruments d'attaque par injection et/ou comme mécanisme de défense contre les méthodes d'attaque par injection. Cependant, aucun essai d'attaque de présentation ne sera effectué par le laboratoire pour être conforme au présent document (hors du domaine d'application) ;
- l'essai de présentation de bonne foi afin de tester la capacité de la cible d'évaluation à classer correctement les utilisateurs légitimes.
Les aspects suivants ne relèvent pas du domaine d’application :
- les essais d'attaque de présentation (car ils sont couverts par les normes ISO/IEC 30107) ;
- les attaques biométriques qui ne sont pas classées comme des attaques de Type 2 (voir Figure 1) ;
- l'évaluation de la mise en œuvre de mécanismes cryptographiques tels que les éléments sécurisés ;
- les instruments d'attaque par injection rejetés en raison de problèmes de qualité.
Odkrivanje napadov z vnašanjem biometričnih podatkov
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
01-februar-2025
Odkrivanje napadov z vnašanjem biometričnih podatkov
Biometric data injection attack detection
Digitale Präsentationsangriffe in biometrischen Systemen
Détection d’attaques par injection de données biométriques
Ta slovenski standard je istoveten z: CEN/TS 18099:2024
ICS:
35.030 Informacijska varnost IT Security
35.240.15 Identifikacijske kartice. Čipne Identification cards. Chip
kartice. Biometrija cards. Biometrics
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
CEN/TS 18099
TECHNICAL SPECIFICATION
SPÉCIFICATION TECHNIQUE
November 2024
TECHNISCHE SPEZIFIKATION
ICS 35.030
English Version
Biometric data injection attack detection
Détection d'attaques par injection de données Detektion von Injektionsangriffen mit biometrischen
biométriques Daten
This Technical Specification (CEN/TS) was approved by CEN on 13 October 2024 for provisional application.
The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.
CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and
United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2024 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 18099:2024 E
worldwide for CEN national Members.
Contents Page
European foreword . 4
Introduction . 5
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 8
4 Symbols and abbreviations . 10
5 Conformance . 11
6 Characterization of biometric data injection attacks . 11
6.1 Injection Attack Methods . 11
6.2 Injection Attack Instruments . 13
7 Framework for injection attack detection mechanisms . 14
7.1 Overview of different types of injection attack detection . 14
7.2 Injection Attack Method Defence Mechanisms . 15
7.3 Injection Attack Instrument Defence Mechanisms . 16
7.4 Combination of different types of IAD . 17
7.5 Security vs general public use . 17
8 Evaluation of IAD systems . 18
8.1 Overview . 18
8.2 General principle of evaluation . 18
8.3 Injection attack methods . 20
8.4 Injection attack instruments . 20
8.5 Personal Data Protection of volunteers in IAD Assessments . 21
8.6 Levels of difficulty of the evaluations . 21
9 Metrics for IAD evaluations . 23
9.1 General. 23
9.2 Metrics for IAD subsystem evaluation . 23
9.3 Metrics for full system evaluation . 23
10 Attacks rating methodology . 24
10.1 General. 24
10.2 Identification and exploitation phases . 25
10.3 Time effort . 25
10.4 Expertise . 26
10.5 Knowledge of the product under evaluation . 26
10.6 Equipment . 27
10.7 Access to TOE . 28
10.8 Access to biometric characteristics . 29
10.9 Degree of scrutiny . 29
11 Report . 30
Annex A (normative) Evaluation success decision based on vulnerability identification and
exploitation and attack rating . 32
Annex B (informative) Different examples of injection attacks and injection attack
instruments in the literature. 33
B.1 Injection attacks . 33
B.2 Injection attack instruments . 33
Annex C (informative) Obstacles to biometric data injection attack in a biometric system . 34
C.1 Biometric data injection attack at enrolment . 34
C.2 Biometric data injection attack at verification . 34
Bibliography . 36
European foreword
This document (CEN/TS 18099:2024) has been prepared by Technical Committee CEN/TC 224 “Personal
identification and related personal devices with secure element, systems, operations and privacy in a
multi sectorial environment”, the secretariat of which is held by AFNOR.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN website.
According to the CEN/CENELEC Internal Regulations, the national standards organisations of the
following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and the
United Kingdom.
Introduction
Biometric technology is used to identify or verify individuals thanks to their physiological or behavioural
characteristics. Therefore, biometric technologies are often used nowadays as component of a security
system. In a security system, biometrics is usually used to recognize people in order to check if they are
known or not to the system.
From the very beginning in the use of biometrics, potential attacks against such recognition systems were
widely acknowledged by the community. This has given rise to the development of attack detection
solutions, to defeat subversive recognition attempts.
ISO/IEC 30107-1 describes nine points of attacks onto a biometric system, as shown in Figure 1. But, the
ISO/IEC 30107 series deals only with Type 1 attacks, i.e. presentations to the biometric data capture
subsystem with the goal of interfering with the operation of the biometric system. The ISO/IEC 30107
series does not consider within its scope those attacks that are applied outside the front end of the
acquisition system, i.e. those attacks which are not physically presented to the embedded capture device.
Figure 1 — Examples of points of attack in a biometric system [5]
The emergence of remote identity verification solutions based on biometric (such as facial) recognition
and the use of mobile applications or web browser applications could provide new means of attacking
the recognition process. One of these attacks is the Type 2 attack (see Figure 1), which is based on the
attacker modifying the data flow.
This document is focused on such Type 2 attacks, called Biometric Data Injection Attacks. Such an
injection attack consists in the action of interfering with the biometric system by replacing the original
data sample provided by the user at the biometric data capture device, with another biometric sample,
before the execution of the feature extraction process.
EXAMPLE An injection attack can be the injection of fingerprint image/video in a fingerprint contactless
system.
The feasibility of such digital attacks has been identified by several agencies such as:
— French ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) in remote identity
verification referential called P.V.I.D. [1],
— European Standards Organization ETSI (European Telecommunications Standards Institute) in their
TS 119 461 which deals with remote identity verification [2],
— European Union Agency for Cybesecurity (ENISA) in “Remote Identity Proofing: Attacks and
Countermeasures” report [3],
— German BSI (Bundesamt für Sicherheit in der Informationstechnik) in the Technical Guideline TR-
03147 Assurance Level Assessment of Procedures for Identity Verification of Natural Persons [4],
— Spanish CCN Security Guide for ITC products – Annex F.11: Videoidentification tools [12].
Yet, there is no national or international standard for biometric data injection attacks as there is for
presentation attacks with the already available ISO/IEC 30107 standards or for generic biometric
systems with the ISO/IEC 19792 standard [22].
This standard activity could be a common base for the work undertaken by French ANSSI, Spanish CCN
and ETSI. This standardization gap has also been identified by ENISA (European Network and
Information Security Agency) which has written a report on the vulnerability landscape of the remote
digital identity service providers using biometrics [3].
Thus, this document will provide a foundation for Injection Attack Detection through defining terms and
establishing a framework through which biometric data injection attack events can be specified and
detected so that they can be categorized, detailed and communicated for subsequent biometric system
decision making and performance assessment activities.
Secure elements and any other cryptographic security features are no
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.