Biometrics are pretty convenient as way of keeping track of the identity of anyone accessing a building, using a PC and unlocking a smartphone. But how secure are they?
Just last month our own Charlie Fripp was hacked at MWC 2016 with dental paste and some Play-Doh, demonstrating just how easy it is for fingerprint locks to be broken by an attacker.
Now, two researchers at Michigan State University, Kai Cao and Anil Jain, have managed to spoof a fingerprint with little more than a piece of paper and an inkjet printer.
We say “little more” because the team also used AgIC silver conductive ink which may not be available in high street stores, but can be bought without raising too many eyebrows.
Combine this with special AgIC paper, black ink and a 300dpi fingerprint scan and you have almost unrestricted access to a Samsung Galaxy S6 or Huawei Honor 7. Take a look at how easy the process is in the video below.
The trouble with using a fingerprint as a password is quite obviously that if your fingerprint is compromised, how do you change your fingerprint?
You could of course use another finger but unlike your online banking password, you would need to be somewhere to get your fingerprint scanned, rather than just quietly changing your password from your PC at home.
The team of course doesn’t account for the fact that fingerprint scanners are evolving and some require that there be heartbeat and in some instances heat.
With that said, its better to know what risks exist in the wild than remaining blissfully unaware and vulnerable.[Via – Softpedia] [Image – SA BY/2.0 Adam Lynch]