This site uses cookies to improve your experience and to provide services and advertising. By continuing to browse, you agree to the use of cookies described in our Cookies Policy. You may change your settings at any time but this may impact on the functionality of the site. To learn more see our Cookies Policy.
Dublin: 5 °C Wednesday 11 December, 2019

You can trick a smartphone fingerprint scanner in just 15 minutes with a printer

Not all smartphones can be tricked this way but it’s still a concern for users.

IT’S POSSIBLE TO trick a smartphone’s fingerprint scanner with just 15 minutes, a regular inkjet printer, and some special ink.

Researchers from Michigan State University have published a paper on a new technique for breaking into smartphones by tricking their fingerprint scanners with an image printed with conductive ink.

The process makes use of products from AgIC, a company that produces conductive inks and special paper (it’s intended for making DIY circuit boards).

(We first saw the research over on Boing Boing.)

The process is fairly simple.

1) First, you need a good photo of the target’s fingerprint. This might be lifted off a glass surface. You scan it into the computer and reverse it (so it looks normal again once printed).
2) Next, get any normal inkjet printer, and install some AgIC conductive ink cartridges, as well as special AgIC glossy paper.
3) Then print the fingerprint onto the paper the same size it would be if it was a normal fingerprint.

And with that, you’re done! You can use that print to gain access to some smartphones – the researchers (successfully) attempted to break into the Samsung Galaxy S6 and the Huawei Honor 7 for the test.

screen shot 2016-03-07 at 09.43.34 Source: Michigan State University

The researchers close by calling for better checks to be put in place to prevent this kind of spoofing. As increasing numbers of smartphones use fingerprints for ever-more purposes, from unlocking to authorising payments, it puts more users at risk of these kind of attacks.

And unlike passcodes, it’s almost impossible to “hide” your fingerprint: You leave it on everything you touch.

They conclude (emphasis ours):

In summary, we have proposed a simple, fast and effective method to generate 2D fingerprint spoofs that can successfully hack built-in fingerprint authentication in mobile phones. Furthermore, hackers can easily generate a large number of spoofs using fingerprint reconstruction or synthesis techniques which is easier than 2.5D fingerprint spoofs. 
This experiment further confirms the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment. It should be noted that not all the mobile phones can be hacked using proposed method. As the phone manufactures develop better anti-spoofing techniques, the proposed method may not work for the new models of mobile phones.
However, it is only a matter of time before hackers develop improved hacking strategies not just for fingertips, but other biometric traits as well that are being adopted for mobile phones (e.g., face, iris and voice).

Here’s a video demonstrating the process.

Source: Michigan State University/YouTube

Read: This is what reading looks like when you have dyslexia >

Read: Bad news for Apple users as first ever ransomware targeting Macs appears >

  • Share on Facebook
  • Email this article

Published with permission from:

Business Insider
Business Insider is a business site with strong financial, media and tech focus.

Read next: