Presentations and attacks, and spoofs, oh my

“Presentation attacks” are attacks at a biometric recognition data capture sensor which interfere with its normal operation. When artificial materials are used to create a fake biometric characteristic, it has been more commonly termed spoofing and the artifacts used to attack the system have been called spoofs. This paper gives an overview of this field, describes vocabulary formalized by the recent publication of an ISO standard for biometric “presentation attack detection,” and discusses evaluating the performance of systems which incorporate methods to detect and reject presentation attacks. In particular, this paper describes terms such as “attack presentation classification error rate” and “attack presentation match rate” from the ISO standard. To reduce confusion, it is important to differentiate metrics related to presentation attacks from the false accept rate which is specifically referring “zero-effort” imposter attempts, not a presentation attack. Last, some considerations for the future which relate to evaluating the performance of presentation attack detection are discussed.