System for detecting and mitigating fraudulent biometric input

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Manoj Aggarwal · Lawrenceville, US
• Brad Musick · Seattle, US
• Gerard Guy Medioni · Seattle, US
• Rui Zhao · Beijing, CN
• Zhen Han · Beijing, CN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06V40/50
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Biometric input, such as images of a hand obtained by a biometric input device, may be used to identify a person. An attacker may attempt to gain access by presenting false biometric data with an artificial biometric model, such as a fake hand. During a suspected attack, the attacker is prompted for additional data. For example, email address, telephone number, payment information, and so forth. This provides additional information about the attack while prolonging the time spent by the attacker on the attack. Information explicitly indicating failure is delayed or not presented at all. Data associated with an attack is placed into an exclusion list and further analyzed to recognize and mitigate future attacks. A subsequent attempt that corresponds to exclusion data proceeds with presenting prompts, gathering further information and consuming more of the attacker's time and resources.