How do I counterfeit a fingerprint scanner
How unique is my fingerprint?
Secure your smartphone with your fingerprint: This convenient solution is more error-prone than generally assumed. Because only parts of the finger are scanned, the likelihood of a false match is relatively high, as a study has now shown. In the test, simulated partial impressions outsmarted the security function of smartphones in up to 65 percent of the cases.
Most believe that their own fingerprint is unique. Fingerprint scanners are therefore enjoying growing popularity as a means of authentication in tablets and smartphones: Simply place your thumb on the sensor and the device is unlocked - provided the software verifies the scanned print as your own.
But this method is not as safe as it seems, as researchers working with Aditi Roy from New York University have now discovered. The problem: The small scanners in the smartphone only record part of the fingerprint. However, it is not always clear enough for unequivocal identification and therefore anything but “forgery-proof”.
The principle of the MasterPrint
For their study, the researchers analyzed 8,200 partial prints and looked for so-called “MasterPrints”: fingerprints whose partial prints matched as many others as possible that they can fool conventional identification software such as that in smartphones.
A MasterPrint is like an easy-to-guess password, explains Memon: “With a four-digit PIN, for example, the password 1234 is correct in about four percent of the cases. A fairly high hit rate, for that one guesses. ”Based on this example, the researchers then rated a fingerprint as a MasterPrint if it tricked the security software in four percent of the attempts.
better complete prints
As the researchers found, an average of 11.5 percent of the partial impressions had the potential of a MasterPrint. When comparing complete fingerprints, on the other hand, only one of 800 prints met the criteria, which corresponds to a proportion of 0.1 percent.
The results question the security of currently used fingerprint scanners, Memon suggests: "As expected, the probability of a false match for partial prints is much greater than for a full print, and most devices only identify partial prints."
Artificial impression as a universal key?
After analyzing the properties of the MasterPrints found, the researchers developed an algorithm to generate artificial partial MasterPrints. The scientists used them to outsmart 26 to 65 percent of smartphones, depending on how many fingerprints the user had stored in the device for identification. The more impressions were deposited, the more prone it was to false matches.
Even if this part of the experiment was only a simulation, it still shows that the technology is prone to errors. The researchers hope that better sensors with a higher resolution will be installed in the future in order to increase the security of smartphones. (IEEE Transactions on Information Forensics and Security, 2017; doi: 10.1109 / TIFS.2017.2691658)
(YU Tandon School of Engineering, April 18, 2017 - CLU)April 18, 2017
- What do you think about mysterious things
- What does it mean to follow someone on Quora
- How does air get into chapatis
- What does lack of empathy mean?
- A zero dimension is possible
- Which country has the best hospitals?
- What are your five favorite undervalued cryptocurrencies
- How effective is animation in e-learning
- How many NIS graduates are there in Singapore
- What screams I'm an ISTP
- What is success in your own words
- Who are the worst cricketers in India
- What is the income for grandmasters in chess
- How does literature influence society?
- How did Amazon FBA change your life
- What do you know about moonwalk
- Christians believe in dinosaurs
- I can be as good as Euler
- How can I stop feeling like shit?
- How do churches interact with politics
- Which translation of Plato's Dialogues is best
- Are Uyghurs proud to be Chinese?
- The downfall of the United States is inevitable
- What are high paying careers in Canada