IA-5(17)

  • Requirement

    Employ presentation attack detection mechanisms for biometric-based authentication.

  • Discussion

    Biometric characteristics do not constitute secrets. Such characteristics can be obtained by online web accesses, taking a picture of someone with a camera phone to obtain facial images with or without their knowledge, lifting from objects that someone has touched (e.g., a latent fingerprint), or capturing a high-resolution image (e.g., an iris pattern). Presentation attack detection technologies including liveness detection, can mitigate the risk of these types of attacks by making it difficult to produce artifacts intended to defeat the biometric sensor.

More Info

  • Title

    Authenticator Management | Presentation Attack Detection for Biometric Authenticators
  • Family

    Identification and Authentication
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

      AC-7

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!