Image Replay Attack
An image replay attack is the use of an image to fool an authentication method.
Image playback attacks are most commonly used by attackers attempting to gain access to a system protected by less-than-secure implementations of biometric authentication technology.
The method has been successfully used against inexpensive fingerprint scanners, iris scanners, and facial recognition systems.
In the simplest cases, image replay attacks involve a printed image of the subject used for authentication. An attacker can, for example, present an image of an authorized user to a facial recognition system.
Additional measures may be implemented in face recognition and iris scanning to hide printed or static images, but such measures include requiring the user to wink, blink, or speak.
More sophisticated methods of image replay attack may involve playing recorded video and audio to overcome these measures. There are also methods to protect against these attacks.
However, video and audio are usually out of sync to a noticeable degree when played back from a file. Security algorithms have been created to detect inconsistencies and prevent these attacks.
Protecting Biometric Authentication Methods from Image Replay Attacks Methods used to detect replay attacks cannot be relied upon. The reverse is also true.
When security is important, it is recommended that administrators be aware of both attack methods and countermeasures.