Facial authentication with Howdy

Security

As with all biometric applications, it is possible to fool Howdy. Figure 1 shows that a well-made image can pass as a face even if the size does not really fit. In the example, however, several attempts were required, and we had to permanently move the book cover used as a fake slightly in order to successfully record a profile. OpenCV's network is particularly sensitive to nodding.

On the Howdy homepage, developer Lem Severein points out the danger of manipulation and emphasizes the need to use a good IR video camera. But even a good IR camera could be fooled with some additional effort, just as fingerprint sensors can be fooled. The German Chaos Computer Club (CCC) has demonstrated problems with biometric authentication several times.

Severein came up with a useful extension to improve security known as rubber stamps [5]. Whenever Howdy recognizes a face – and only then – you can call predefined additional routines. These routines can then add additional tests, such as whether the user has pressed a certain key. If the additional condition is met, the software evaluates the authentication as correct. The mechanism is still missing in the current stable Howdy v2.6.1, but it is already available in the Git repository.

A separate tutorial shows how to implement appropriate rules (stamp rules). Howdy uses the possibilities of the OpenCV library. You can, for example, use a nod or a shake of the head as confirmation or negation. You are even allowed to define a minimum number of nods to confirm the authentication.

Severein has been working on Howdy 3.0 for more than a year, but a release date has not been set yet. In addition to the rubber stamps, version 3.0 will probably include a graphical user interface (GUI). A preview is available in the form of the developer version (Figure 3). To start the interface, you need the Python elevate module from the python-elevate package. Then change to the src/ directory and call ./.init.py.

Figure 3: A preview of Howdy 3.0, which will probably include a GUI.

Conclusion

Howdy shows where the world is headed: Self-learning systems and biometric data for authentication will probably play an important role in the future. So far, however, the special hardware requirements mean that Howdy is more of a proof of concept than an actual authentication solution suitable for industrial use. Having said this, you can use rubber stamps to increase security in practice.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News