ProxyPrints: From Database Breach to Spoof, A Plug-and-Play Defense for Biometric Systems

• URL: http://arxiv.org/abs/2511.12739v1
• Date: Sun, 16 Nov 2025 19:12:36 GMT
• Title: ProxyPrints: From Database Breach to Spoof, A Plug-and-Play Defense for Biometric Systems
• Authors: Yaniv Hacmon, Keren Gorelik, Gilad Gressel, Yisroel Mirsky,
• Abstract summary: We present ProxyPrints, the first practical defense that brings cancellable biometrics to existing fingerprint recognition systems.<n> ProxyPrints acts as a transparent layer between the fingerprint scanner and the matching algorithm, transforming each scanned fingerprint into a consistent, unlinkable alias.<n>We evaluate ProxyPrints on standard benchmark datasets and commercial fingerprint recognition systems, demonstrating that it preserves matching performance while offering strong security and revocability.
• Score: 2.657356138730743
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Fingerprint recognition systems are widely deployed for authentication and forensic applications, but the security of stored fingerprint data remains a critical vulnerability. While many systems avoid storing raw fingerprint images in favor of minutiae-based templates, recent research shows that these templates can be reverse-engineered to reconstruct realistic fingerprint images, enabling physical spoofing attacks that compromise user identities with no means of remediation. We present ProxyPrints, the first practical defense that brings cancellable biometrics to existing fingerprint recognition systems without requiring modifications to proprietary matching software. ProxyPrints acts as a transparent middleware layer between the fingerprint scanner and the matching algorithm, transforming each scanned fingerprint into a consistent, unlinkable alias. This transformation allows biometric identities to be revoked and replaced in the event of a breach, without affecting authentication accuracy. Additionally, ProxyPrints provides organizations with breach detection capabilities by enabling the identification of out-of-band spoofing attempts involving compromised aliases. We evaluate ProxyPrints on standard benchmark datasets and commercial fingerprint recognition systems, demonstrating that it preserves matching performance while offering strong security and revocability. Our open-source implementation includes tools for alias generation and deployment in real-world pipelines, making ProxyPrints a drop-in, scalable solution for fingerprint data protection.

Related papers

• Adapter Shield: A Unified Framework with Built-in Authentication for Preventing Unauthorized Zero-Shot Image-to-Image Generation [74.5813283875938]
  Zero-shot image-to-image generation poses substantial risks related to intellectual property violations.<n>This work presents Adapter Shield, the first universal and authentication-integrated solution aimed at defending personal images from misuse.<n>Our method surpasses existing state-of-the-art defenses in blocking unauthorized zero-shot image synthesis.
  arXiv  Detail & Related papers  (2025-11-25T04:49:16Z)
• Deep Learning Models for Robust Facial Liveness Detection [56.08694048252482]
  This study introduces a robust solution through novel deep learning models addressing the deficiencies in contemporary anti-spoofing techniques.<n>By innovatively integrating texture analysis and reflective properties associated with genuine human traits, our models distinguish authentic presence from replicas with remarkable precision.
  arXiv  Detail & Related papers  (2025-08-12T17:19:20Z)
• Scalable Fingerprinting of Large Language Models [42.65365809809273]
  We introduce a new method, dubbed Perinucleus sampling, to generate scalable, persistent, and harmless fingerprints.<n>We demonstrate that this scheme can add 24,576 fingerprints to a Llama-3.1-8B model without degrading the model's utility.
  arXiv  Detail & Related papers  (2025-02-11T18:43:07Z)
• PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [23.149939556959772]
  We propose a new side-channel attack on the minutiae-based Automatic Fingerprint Identification System (AFIS) The attack scenario of PrintListener is extensive and covert. It only needs to record users' fingertip friction sound and can be launched by leveraging a large number of social media platforms.
  arXiv  Detail & Related papers  (2024-04-14T10:55:15Z)
• An Open Patch Generator based Fingerprint Presentation Attack Detection using Generative Adversarial Network [3.5558308387389626]
  Presentation Attack (PA) or spoofing is one of the threats caused by presenting a spoof of a genuine fingerprint to the sensor of Automatic Fingerprint Recognition Systems (AFRS) This paper proposes a CNN based technique that uses a Generative Adversarial Network (GAN) to augment the dataset with spoof samples generated from the proposed Open Patch Generator (OPG) An overall accuracy of 96.20%, 94.97%, and 92.90% has been achieved on the LivDet 2015, 2017, and 2019 databases, respectively under the LivDet protocol scenarios.
  arXiv  Detail & Related papers  (2023-06-06T10:52:06Z)
• Fingerprint Liveness Detection using Minutiae-Independent Dense Sampling of Local Patches [0.0]
  Fingerprint recognition and matching is a common form of user authentication. Spoof detection and liveness detection algorithms are being researched as countermeasures to this security vulnerability. This paper introduces a fingerprint anti-spoofing mechanism using machine learning.
  arXiv  Detail & Related papers  (2023-04-11T16:11:44Z)
• Secure and Privacy Preserving Proxy Biometrics Identities [25.272389610447856]
  This work proposes a novel approach for generating new artificial fingerprints also called proxy fingerprints. These proxy biometrics can be generated from original ones only with the help of a user-specific key. Using the proposed approach a proxy dataset is generated from samples belonging to Anguli fingerprint database. Matching experiments were performed on the new set which is 5 times larger than the original, and it was found that their performance is at par with 0 FAR and 0 FRR in the stolen key, safe key scenarios.
  arXiv  Detail & Related papers  (2022-12-21T07:02:11Z)
• Hierarchical Perceptual Noise Injection for Social Media Fingerprint Privacy Protection [106.5308793283895]
  fingerprint leakage from social media raises a strong desire for anonymizing shared images. To guard the fingerprint leakage, adversarial attack emerges as a solution by adding imperceptible perturbations on images. We propose FingerSafe, a hierarchical perceptual protective noise injection framework to address the mentioned problems.
  arXiv  Detail & Related papers  (2022-08-23T02:20:46Z)
• On the vulnerability of fingerprint verification systems to fake fingerprint attacks [57.36125468024803]
  A medium-size fake fingerprint database is described and two different fingerprint verification systems are evaluated on it. Results for an optical and a thermal sweeping sensors are given.
  arXiv  Detail & Related papers  (2022-07-11T12:22:52Z)
• SpoofGAN: Synthetic Fingerprint Spoof Images [47.87570819350573]
  A major limitation to advances in fingerprint spoof detection is the lack of publicly available, large-scale fingerprint spoof datasets. This work aims to demonstrate the utility of synthetic (both live and spoof) fingerprints in supplying these algorithms with sufficient data.
  arXiv  Detail & Related papers  (2022-04-13T16:27:27Z)
• Responsible Disclosure of Generative Models Using Scalable Fingerprinting [70.81987741132451]
  Deep generative models have achieved a qualitatively new level of performance. There are concerns on how this technology can be misused to spoof sensors, generate deep fakes, and enable misinformation at scale. Our work enables a responsible disclosure of such state-of-the-art generative models, that allows researchers and companies to fingerprint their models.
  arXiv  Detail & Related papers  (2020-12-16T03:51:54Z)
• An Overview of Fingerprint-Based Authentication: Liveness Detection and Beyond [0.0]
  We focus on methods to detect physical liveness, defined as techniques that can be used to ensure that a living human user is attempting to authenticate on a system. We analyze how effective these methods are at preventing attacks where a malicious entity tries to trick a fingerprint-based authentication system to accept a fake finger as a real one.
  arXiv  Detail & Related papers  (2020-01-24T20:07:53Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.