According to a new report, researchers at the University of Michigan have fooled smartphone fingerprint scanners.
Researchers Kai Cao and Anil Jain of the University of Michigan's Biometrics Research Group revealed that they were able to trick the fingerprint security in a Huawei Honor 7 and a Samsung Galaxy S6 using just an inkjet printer. "We have proposed a simple, fast and effective method to generate 2D fingerprint spoofs that can successfully hack built-in fingerprint authentication in mobile phones," said the researchers in their report. Previously, fingerprint spoofing has required hackers to lift the targeted print from a smooth surface and then cast it with wood glue or latex milk. With Jain and Cao's trick, all attackers would need is a 300dpi resolution photo of the targeted fingerprint. Attackers would then scan and mirror the image horizontally and print the image using an inkjet printer with one normal black ink cartridge and three silver cond uctive ink cartridges. The image must be printed on AGIC special paper.
The researchers tested this spoof on four devices, unlocking two successfully. They tested a Samsung Galaxy S6, Huawei Honor 7, iPhone 5s, and Meizu MX4 Pro with the fake fingerprint fooling the Samsung and Huawei smartphones. Apple and Meizu's fingerprint scanners were not tricked by the forgery. However, Cao noted that the spoof did work on an iPhone during a previous attempt. Jain noted, "Our method may also work on other traditional capacitive fingerprint sensors, which are not embedded in mobile devices." They added, "This experiment further confirms the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment."
Photo: © iStock.
