"Fingerprints are increasingly being used to verify the identity of an individual in a variety of applications ranging from unlocking doors to securing smartphones to authorizing payments. In some applications such as smartphones, the fingerprint sensor is small in size for ergonomic reasons and, therefore, these sensors obtain only partial images of a user’s fingerprint. Since small portions of a fingerprint are not as distinctive as the full fingerprint, the chances of a partial fingerprint (from one finger) being incorrectly matched with another partial fingerprint (from a different finger) are higher. Recent research has demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks based on MasterPrints. MasterPrints are real or synthetic fingerprints that can fortuitously match with a large number of fingerprints thereby undermining the security afforded by fingerprint systems."
"For a DeepMasterPrint, we need to create a synthetic fingerprint image that can fool a fingerprint matcher. The matcher should not only realize that the image is a fingerprint (visual realism), but should also match that fingerprint image to many different identities. Therefore, a generator network has to be combined with a method of searching for DeepMasterPrints. This technique uses a neural network to learn to generate images of fingerprints. It then uses evolutionary optimization to search the latent variable space of the neural network for a DeepMasterPrint. The Covariance Matrix Adaptation Evolution Strategy (CMA-ES) is used to search the input space of the trained neural network for the ideal fingerprint image. This unique combination of evolutionary optimization and generative neural networks allows the neural network to constrain the search space while the evolutionary algorithm handles the discrete fitness function. This is the first work that creates a synthetic Masterprint at the image-level thereby further reinforcing the danger of utilizing small-sized sensors with limited resolution in fingerprint applications."
"This approach not only generates an image, but it also has the potential to find a more effective solution than previous approaches. To implement this approach, we developed a new technique called Latent Variable Evolution. There are two parts to Latent Variable Evolution (LVE); (1) train a neural network to generate images of fingerprints, and (2) search over the latent variables of the network (the input vector to the generator network) for a fingerprint that results in the best DeepMasterPrint, i.e., a fingerprint image that matches with a large number of other fingerprint images. In this work we train two generator networks, both using the WGAN algorithm. The networks are modeled after deep convolutional GAN and defined in Figure1 [18]. One network is trained on a dataset of fingerprints scanned with a capacitive sensor, and the other on a dataset of inked and rolled fingerprints. The networks are trained adversarially with a Wasserstein loss function and RMSProp with a learning rate of 0.00005 [2]. The generators are trained using the minibatch gradient descent scheme. Each batch samples 64 images and 64 latent variable vectors. We trained each generator for 120,000 updates, with the discriminator being trained 5 times between each generator update. Using deconvolutions for the generator resulted in blocky artifacts therefore we switched to upsampling with convolutions."
"To be verified, only one of the 12 partial fingerprint templates has to match with the input fingerprint. This is the fundamental weakness that MasterPrints and DeepMasterPrins are exploiting. The fitness of a latent variable involves converting each set of latent variables to an image, checking images against all the partial prints in the system, and then summing up the unique identities that have at least one match. For our work, we use several different fingerprint matchers. We use the widely popular commercial fingerprint system, VeriFinger 9.0 SDK. We model two types of fingerprint images; those scanned from inked-and-rolled impressions and those obtained from a capacitive sensor. Rolled fingerprints are produced by applying ink to the finger and rolling the finger on paper. The rolled fingerprints come from the publicly available NIST Special Database 9 fingerprint dataset. The dataset consists of all 10 fingerprints of 5400 unique subjects. Each fingerprint is an 8-bit grayscale image. In our work, the right thumbprint of each subject is selected. The images are then preprocessed by removing the whitespace and downscaling the resulting image to 256 × 256 pixels. To obtain partial fingerprint samples, a random 128 × 128 region is extracted every time an image is selected. The capacitive fingerprint images come from the FingerPass DB7 dataset [13]. This dataset has 12 partial fingerprints for each of 720 subjects."
The fake fingerprints were "able to spoof 23% of the subjects in the dataset at a 0.1% false match rate. At a 1% false match rate, the generated DeepMasterPrints can spoof 77% of the subjects in the dataset. Experiments with three different fingerprint matchers and two different datasets show that the method is robust and not dependent on the artifacts of any particular fingerprint matcher or dataset."