You may think using a fingerprint sensor is a very secure method to lock down your smartphone, and you’re right, in most cases it indeed is. But don’t mistake this biometric technology as foolproof. Case in point, researchers at Michigan State University have found a way to unlock your smartphone using things like an off-the-shelf inkjet printer.
The researchers say that they can utilise an inkjet printer and a special photo paper to replicate your fingerprint and use it to unlock your devices. What’s even more scary is that the process takes less than 15 minutes to accomplish. The astonishing finding was published in a detailed report last month.
Kai Cao and Anil Jain, the researchers, created a working copy of a fingerprint using a special ink cartridges and paper, both of which were made by Japanese company AgIC. The ink, the researchers wrote, conducts electricity when printed on this particular paper, and creates a printed circuit. The next step is to scan a fingerprint of a person in high resolution and print it with the inkjet printer.
The findings are worth a praise, however, they also raise concerns about the security sophistication on our smartphones. These fake, printed fingerprint can be utilised to fool the sensors on a number of Android devices including the Samsung Galaxy S6 and the Huawei Honor 7. On an iPhone, the researchers were able to get “mixed results.”
“[…] Hackers can easily generate a large number of spoofs using fingerprint reconstruction or synthesis techniques which is easier than 2.5D fingerprint spoofs. This experiment further confirms the urgent need for antispoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment,” the researchers wrote.
“It should be noted that not all the mobile phones can be hacked using proposed method. As the phone manufactures develop better anti-spoofing techniques, the proposed method may not work for the new models of mobile phones. However, it is only a matter of time before hackers develop improved hacking strategies not just for fingerprints, but other biometric traits as well that are being adopted for mobile phones (e.g., face, iris and voice).”
With the advent of fingerprint sensors, which have trickled down in cost to find their way to affordable smartphones such as the Lenovo K4 Note, and their increasingly growing applications such as mobile payments, it is very important that companies further improve their fingerprint scanners to rule out any such loopholes from the system.[“source-ndtv”]