This toolbox contains a description of the process, tools, and materials needed to construct and use a selection of fingerprint PAIs. Not all PAIs are described as there is an almost unlimited number when considering variations in materials and methods that can be used.
Fingerprint PAD testing is a combination of fingerprint data acquisition, mold making, cast preparation (the PAI) and PAI presentation to the sensor.
A fingerprint mold is a physical master pattern created from the fingerprint that will be attacked. The mold is a physical negative of the source fingerprint, with ridge valleys formed thicker than ridges. There are many ways to create a mold, such as directly from the finger, or from a scanned fingerprint image that is printed on a PCB. A mold should be able to be reused repeatedly for the purposes of this testing.
A cast is the PAI, the individual artefact that will be presented to the sensor for PAD testing. The cast is created from the mold, and is usually specific to the type of mold being used.
There are a variety of fingerprint sensors on the market with differing methods of collecting biometric data needed for PAD. The selection of which PAI to use when attacking fingerprint sensors is dependent on what sensor technology is used. It is expected that the inventory of this toolbox will grow as new PAD technologies come to market and as new PAI materials and processes are developed.
The process to produce and use a fingerprint PAI begins with collecting the biometric data upon which the PAI will be based. A mold then needs to be made. Depending on the mold type, the biometric data may need to be processed prior to mold construction. This is generally the case when the mold is not formed directly from the target’s finger. For this version of the toolbox, direct manufacturing of the PAI from the PAD data, such as 3D printing, is not considered. Such processes may be included in future versions of the toolbox. Finally, a cast of the fingerprint (PAI) is made and presented to the sensor.
Fingerprint data is often acquired from a flat surface. This could be from a latent print left on a mobile device or a piece of paper. Flat fingerprint data can also be imaged on a typical touch fingerprint scanner. For this toolbox, only a subset of possible ways to acquire a flat fingerprint image are considered to reduce testing cost and simplify materials storage and handling requirements. While latent prints are a common source of fingerprint data and can be used to mount attacks, they can contain biometric data that is noisy and incomplete. Latent prints will not be included in this toolbox for PAD testing. Images from commercial fingerprint scanners will be used to acquire all flat friction ridge data for this version of the toolbox.
Latent fingerprints on non-porous surfaces can be imaged with digital cameras. The image is then processed before making a mold. The ideal image has very high contrast between the ridges and valleys. This contrast can be enhanced by varying the angles between the camera, light source(s) and the surface with the latent. Additionally, commercially available fingerprint dusting powders can be applied to increase this contrast and enhance the separation of the friction ridge pattern from the background of the image. Latent fingerprints on porous surfaces such as paper may require chemical treatment to enhance the visibility of the friction ridge pattern. Depending on the surface, the process for developing a latent fingerprint image can vary greatly and may require specialized tools, handling hazardous chemicals, and using dangerous equipment. For these reasons as well as those cited above, using latent fingerprints is beyond the scope of this toolbox.
Commercial fingerprint scanners are a good source of flat friction ridge images. Images from commercial scanners are generally high quality, distortion free, have good detail, can be of high resolution, have good grayscale contrast and are readily available. It is recommended that a commercial scanner be used for image acquisition. The highest resolution images available should be used for PAD testing purposes. The image resolution should be 1000 PPI or higher if the scanner supports it.
Images of fingerprints are usually captured in grayscale. To make a mold, a black and white image is often required. Images can be converted to black and white by applying a threshold filter to the image in photo processing software. Images can be improved by using photo editing software that allows very fine detail image manipulation at the pixel level. Noise, dust, and scratches in the image can be removed in this process, however, evaluators shall be careful not to remove too much Level 3[1] information when removing image artifacts.
Another method of converting the grayscale fingerprint image to black and white is to run the image through so called binarization software. This software, similar to that performed in the MINDTCT algorithm found in NIST Biometric Image Software (NBIS)[2], automatically detects ridges and valleys, and converts each to their respective black and white colors. This kind of software, however, can obscure some Level 3 detail.
Molds that are flat produce flat PAIs. Genuine fingers are not flat. This does not necessarily pose a problem, as most TOE fingerprint sensors have flat platens that require physical contact with the friction ridge of the target finger in order to acquire biometric data. Such contact causes the user’s finger to flatten.
Printed circuit boards come in varying substrate and copper cladding thicknesses. The substrate thickness should be thick enough to allow easy handling and prevent noticeable flexing of the PCB. A thickness of 1.6 mm is typical and sufficient for PAD testing applications. A common substrate material used in PCBs is designated FR4 or fiberglass reinforced epoxy. The copper cladding should be 2.74 mils thick, referred to as “2 oz. of copper” in the PCB manufacturing industry. This is twice the standard PCB trace thickness of “1 oz. of copper”. The thicker copper traces provide a greater relief (i.e., a higher degree of depth) between the PAI ridges and valleys.
Molds made from laser-printed overhead transparency material are similar to PCB molds. They are easier, cheaper, and faster to make than PCB molds. However, a smaller relief (i.e., a lower degree of depth) between the PAI ridges and valleys will be noticed when compared to equivalent PCB molds.
As of October 17, 2023 it was determined that curved attacks have an attack potential higher than Basic, and so are out of scope of the current set of requirements. See Technical Decision BIO0004 for more details.
For the purposes of this toolbox, capturing curved fingerprint data means acquiring friction ridge data while the finger is not in contact with another object that causes the skin to deform (as it would on a fingerprint scanner). This can be done in multiple ways.
The simplest method of capturing the fingerprint data is to create a mold directly from the finger. The mold material should be soft enough to not alter the shape of the finger.
Dental impression materials like vinyl polysiloxane (also called polyvinyl siloxane) and polyethers are well suited to capturing friction ridge detail. They are readily available, easy to work with, are dimensionally stable once set, are reusable, and do an excellent job of capturing fine details from the fingerprint. Once the ridge information is captured in the impression material, no further “processing” of the data is necessary. Care should be taken to keep the finished mold clean prior to use.
Acquiring friction ridge topology data without touching the finger is possible with stereo optical imaging of the finger, laser scanning, structured light imaging, and other methods. The three dimensional (topology) information obtained in this way can be processed in 3D modelling software to create molds or PAIs directly through additive manufacturing techniques. This version of the toolbox does not include the use of 3D models of fingers to make PAIs or molds.
Curved molds attempt to reproduce the original shape of the target finger while capturing the friction ridge detail. As mentioned above, when acquiring biometric data, the friction ridge area of the finger, whether genuine or a PAI, is flattened against the sensor. PAIs made from curved molds can either be thin enough to wrap around the attacker’s finger or other object when presented to the TOE. They may also be made of materials that allow the friction ridge area of a finger-shaped PAI to be flattened similar to a real finger.
As stated above, direct impression materials make excellent molds. They come in varying set times all of which are on the order of a few minutes.
When using these materials, mold release agents may be needed depending on the subject’s skin and the specific impression material used. Follow impression material manufacturer instructions for the use of mold releases. Practice and testing may be needed to determine the best combination for creating high quality molds for any specific subject.
Test results should specify if, when, how and which mold release agents are used.
Most of the time PAD data and how it is processed is proprietary and not publicly known. In some cases, the same method used to collect biometric data for verification and identification is the same as used for PAD data collection. As a result, PAI construction involves making an exemplar of the target’s friction ridge pattern. The PAI may also attempt to reproduce other physical properties such as skin color, subdermal layering, electrical properties of conductivity, impedance, blood movement, and elasticity.
Fingerprint PAD testing is a four step process. An image of the target fingerprint must first be acquired and the resultant image processed for mold making. Then a mold is made following the appropriate procedures for the mold type. If the mold is a direct impression of the target finger, the first step is eliminated. Once the mold is ready, cast material is prepared as necessary and applied to the mold. Upon removal from the mold, the cast may be used as is or be further processed by applying selected coatings to enhance the physical properties of the PAI. Finally, the PAI is presented to the TOE.
The Biometric PAD Toolbox Overview document specifies requirements for all PAD testing, including requirements related to the preparations necessary to successfully complete an evaluation.
As the fingerprint sensors being tested here are all based on touch, several common actions should be taken to ensure the highest quality of the original samples. These actions can be divided into component cleaning to ensure environmental clarity and presentation practice to minimize noise. These actions will provide for the creation of better PAI with less need to "process" the samples using image enhancement (beyond what is needed to produce the PAI).
Section 5.1.1 Preparation of the Biometric PAD Toolbox Overview should be reviewed for further details about how to ensure high quality samples.
Component cleaning is to ensure environmental clarity for the presentation of any fingerprint (live or PAI). To the extent possible, all surfaces should be cleaned for each use (some PAI do not allow for explicit cleaning once created, but can be handled with proper care to ensure cleanliness). Sensors/scanners should be cleaned according to the manufacturer’s recommendations to ensure proper functionality. When a sample is taken, both the finger in use and the material/sensor being used to record the fingerprint must be cleaned. Before a mold is used to create a PAI, it must be cleaned (according to the best practices for the materials in use). When a PAI is to be used, the PAI and the sensor must be cleaned (the PAI should be cleaned where possible, or handled in a way to ensure cleanliness when it isn’t possible to be cleaned).
By ensuring a clean environment, the samples taken will not have additional dust/debris that can impact the quality of the sample or the presentation of the PAI.
Presentation practice will help to minimize noise in the provided sample. This noise is related to poor presentation of the finger or PAI to the sensor (or mold), generating a poor result. For example, sliding your finger on the sensor instead of holding it still will cause the sample to be "smeared". Each type of PAI will have its own unique requirements for producing the highest quality result and should be practiced individually.
Fingerprint image acquisition for flat PAIs is the same for all attacks. An image of the subject’s finger is captured using a high quality commercial fingerprint scanner. The image can be from a slap or rolled image. If a rolled image is acquired, the evaluator may want to crop the fingerprint image to make a smaller mold containing only the central part of the fingerprint that would usually be in contact with the TOE sensor during normal operation. This region should be large enough to cover as much of the sensor as possible when presenting the PAI to the TOE. This same finger shall be used to enroll the subject into the TOE. Each image shall be acquired under controlled and favorable conditions so as to produce high quality friction ridge information. When supported by the scanner, the image file received shall be in bitmap, TIFF, RAW, or other lossless file formats. Image files using the WSQ format at a bitrate of 2.25 (≅5:1 compression) are acceptable if lossless file formats are not available from the scanner.
The image then needs to be processed such that the resultant image contains only black (0 in the 8-bit grayscale color space) and white (255 in the 8-bit grayscale color space) pixels. This can be done by hand using photo editing software suitable for pixel level adjustments or in an automated fashion using binarization software. The resulting enhanced images should have black ridges and white valleys. Pores and creases are also white. The resultant image should be life-sized and remain at the highest resolution available. Resizing the image shall not use interpolation without justification approved by the BIT.
The binarized image should be centered in the image canvas. The entire image canvas should be at least twice the width and height of the area covered by the ridges. In other words, leave adequate space around the fingerprint so that casts made from the mold can be handled without touching the ridges. Make sure to leave adequate working space between the images if multiple images are placed on one transparency or PCB.
Flip the image along the vertical axis producing a mirror image of the fingerprint.
Invert the image so that the ridge lines are now white and the remaining areas are black.
The binarized images are printed onto either a sheet of laser printer transparency material or the appropriate transfer paper used in PCB fabrication. The laser printer transparency serves as the mold in this attack. For the PCB attack, the transfer paper is used in one of the mold preparation steps.
-
Obtain transparency material for use in a laser printer.
-
Using a Small Office / Home Office grade laser printer, print the binarized life-sized images of the target fingerprint spaced as mentioned above on the transparency material.
-
If available, the printer settings shall be adjusted for as high a quality output as possible. The goal is to get as thick a coating of toner on the transparency as possible.
-
-
Make sure the black lines on the transparency correspond to the valleys of the fingerprint.
-
Obtain a PCB fabrication kit.
-
Using a Small Office / Home Office grade laser printer, print the binarized life-sized images of the target fingerprint spaced as mentioned above on the transfer paper of the PCB fabrication kit.
-
Follow PCB fabrication kit manufacturer recommendations for adjustments to the printing process.
-
-
Make sure the black lines on the transfer paper are the valleys of the fingerprint.
-
Follow the PCB fabrication kit manufacturer instructions for completing the PCB fabrication.
-
The specific process will depend on the manufacturer chosen, but the PCB mold, independent of the manufacturer, should result in a mold with the copper traces corresponding to the valleys of the fingerprint.
-
A mold is made from the target finger friction ridge pattern using a direct impression material (such as a dental impression material). The friction ridges of the enrolled finger are pressed into impression material to create a curved mold of the fingerprint.
-
Prepare a suitable container for the direct impression material.
-
The container should be large enough to contain adequate material sufficient to cover the entire friction ridge area of the target finger from the tip to the first joint crease.
-
The container should be shaped such that the target finger can be laid down at a shallow angle to the surface of the direct impression material.
-
-
Make sure the target finger is clean and dry.
-
If needed apply mold release to the target finger following the manufacturer instructions.
-
Prepare the direct impression material according to manufacturer instructions.
-
Fill the container with sufficient direct impression material to cover the entire friction ridge area of the target finger from the tip to the first joint crease.
-
Immediately place the target finger into the direct impression material holding it stationary until the material is completely set up according to manufacturer instructions.
-
Be careful that the target finger does not touch the bottom of the container. The finger should “float” in the direct impression material.
-
-
Carefully remove the finger from the material. Rolling or “peeling” the finger from the mold may help with the release.
-
Allow the mold to sit for 15 minutes or longer (following the manufacturer instructions) before use to ensure curing is complete
-
Keep the mold clean and dust free until use.
All casts (PAIs) are made by preparing the cast material and then placing it into the mold of choice. After a time appropriate for the cast material to set, the PAI is removed from the mold. All cast materials should be gently removed from the molds by carefully peeling the cast from the mold. Care should be taken to not deform the friction ridges or tear the cast.
The lifespan of a given PAI depends on the material used and the storage method. Properly prepared silicone PAIs can remain viable almost indefinitely. Gelatin PAIs can be stored for several weeks to months. In general modeling compound and non-Newtonian fluid PAIs must be used immediately after removal from the mold. Some modeling compound PAIs can be allowed to dry for a short time after being removed from the mold before they are presented to the TOE.
The specific preparation for each material is unique and can be found in the Toolbox Inventory. While the current toolbox focused on the materials specified in the Toolbox Inventory, there is research showing that other tools may also be used for creating high quality PAIs. The evaluator should be aware of the latest research and utilize tools that will yield good results. The addition of new materials for PAIs must be contributed to the iTC for approval and acceptance/inclusion in the toolbox according to the Toolbox Maintenance document.
PAIs must be scanned by the same fingerprint scanner to compare the original image with the scanned image and visually check that the PAI has clear and similar friction ridge pattern. For a PAI that can only be used a single time, the first PAI should be compared to the original image.
Each PAI is presented to the TOE in the same manner. With the subject user enrolled in the TOE, and the TOE in a state where it is capable of responding to a biometric presentation, the PAI is presented to the TOE biometric sensor in the same manner as a real finger would be.
For gelatin and silicone based PAIs:
-
The finished cast should be placed on tester’s preferred finger with friction ridge pattern oriented the same as the tester’s friction ridge pattern. (That is, make sure the PAI is not upside down.)
-
Theater adhesive may be used to hold the PAI in place.
-
-
Gently press the PAI onto the sensor.
-
Use enough force to cause the fingertip to slightly flatten against the sensor surface
-
Care should be taken to not crush the PAI ridges.
-
For curved PAIs, different areas of the PAI friction ridge pattern may be presented to the sensor on consecutive presentations to simulate real world interactions with the TOE.
-
-
Carefully observe friction ridges between each presentation. Any signs of degradation require replacement of the PAI.
For non-Newtonian fluid and modeling compound PAIs:
-
Remove the PAI from the mold.
-
For non-Newtonian fluid casts:
-
The cast can be presented immediately to the sensor.
-
-
For modeling compound casts:
-
The cast should be presented immediately to the sensor.
-
The cast can also be allowed to air dry for a short time before being presented to the sensor.
-
-
-
Gently press the PAI onto the sensor.
-
Use enough force to cause the PAI to slightly flatten against the sensor surface.
-
Care should be taken to not crush the PAI ridges.
-
For curved PAIs, different areas of the PAI friction ridge pattern may be presented to the sensor on consecutive presentations to simulate real world interactions with the TOE.
-
-
Discard the PAI after each use.
If stored artefacts will be used for testing, a number of fresh artefacts are still required to ensure that stored artefacts have not degraded in non-visible ways that would effect the testing. Stored artefacts also have maximum ages based on the date of initial creation (weeks are used for consistent time periods). Stored artefacts can only be used up to the maximum age based on the time difference between the creation date and the use date (use must be completed before the maximum age allowed).
The following table specifies the maximum amount of stored artefacts that can be used for each type and the maximum age allowed for the artefacts to be used.
| Artefact type | Max stored artefacts allowed | Max age of stored artefacts |
|---|---|---|
Non-Newtonian fluid |
Not allowed |
Not applicable |
Modeling compound |
None allowed |
Not applicable |
Gelatin with glycerin |
50% |
13 weeks (3 months) |
Silicone |
50% |
26 weeks (6 months) |
| Mold type | Max stored molds allowed | Max age of stored molds |
|---|---|---|
Laser printer transparency |
80% |
52 weeks (1 year) |
Printed Circuit Board |
80% |
52 weeks (1 year) |
Dental Impression material |
80% |
52 weeks (1 year) |
Moldable Plastic |
80% |
13 weeks (3 months) |
The tools used for this toolbox consist of materials and processes which span the range of children’s toys to medical professional applications. Nevertheless, all methods and processes are those with which a layman or hobbyist should be comfortable using. The costs for every material is also low. Evaluator skill and practice at conducting PAD testing is a significant factor in the efficacy of the PAIs.
Most commercial fingerprint scanners are designed to output 500 PPI grayscale images, however there are some that produce 1000 PPI images. The native hardware resolution of the scanner is oftentimes higher than the output resolution. This higher resolution is then reduced in software to 500 PPI. If 1000 PPI resolution scanners are not readily available, the evaluator may need to purchase a specialized version of the scanner or scanner driver software that outputs the preferred 1000 PPI images. Some scanner manufactures may be willing to provide the special driver at nominal cost. Alternatively, the evaluator could use a Software Development Kit (SDK) to develop his own driver. Many fingerprint scanner manufactures provide free SDKs for their devices.
The evaluator shall create artefacts defined in all test items listed in the Fingerprint Verification List. The Fingerprint Verification List specifies the species types that must be created.
PAD Toolbox Overview defines required number of attempts for the independent testing and maximum timeframe for both independent and penetration testing.
To complete the testing, the evaluator will need to create both molds and casts (artefacts). The instructions for creating the molds and casts are divided between the Fingerprint Toolbox Inventory and the individual attacks as follows.
The Fingerprint Toolbox Inventory lists all the tools and materials that are required for the creation of the molds and casts. While some of the cast materials may be purchased and used directly, others require the evaluator to create the cast material from a recipe. Where the evalautor is creating the cast material, the instructions are included in the Fingerprint Toolbox Inventory. This cast material would then be used to create the casts in the attack documents.
The instructions for casts in the attack documents expect that a cast material is already available. The instructions related to the cast in the attack documents focus on how to create the cast (artefact), and any tools specified are only those needed for the creation of the cast itself, not for the cast material.
IAPAR shall be less than the specified value in FIA_MBV_EXT.3.1 in any case. If additional Pass/Fail Criteria is defined in the test items, then the evaluator shall also follow them.
The Fingerprint Toolbox was created based on references listed in Fingerprint Toolbox References. The evaluator should refer to them before conducting the PAD testing because they include more detailed information about PAD test methods.