Researchers have spoofed biometric fingerprint security in two models of mobile phone using nothing more than an inkjet printer.
Kai Cao and Anil Jain of the University of Michigan wrote in their new report: “We have proposed a simple, fast and effective method to generate 2D fingerprint spoofs that can successfully hack built-in fingerprint authentication in mobile phones.”
The fingerprint is a popular method of identification because no two fingerprints among the seven billion people on the planet are identical, but it is by no means impregnable.
Fingerprint spoofing is also nothing new. Those who desire to fool a fingerprint sensor, for whatever reason, have traditionally lifted the fingerprints of the targeted hand from a smooth surface such as glass before making a ‘gummy’ cast with wood glue or latex milk.
This method takes time and expertise, though. The one formulated by Jain and Cao is far more efficient.
All the wilful attacker needs to do, wrote Jain and Cao, is get a 300dpi resolution photograph of the desired fingerprint. The image is then scanned and mirrored horizontally to cancel out the reversal that photos tend to apply to their subjects. Finally, using an inkjet printer loaded with one normal black ink cartridge and three silver conductive ink cartridges, the image is printed on AgIC special paper.
The method is detailed in a video which the pair released on YouTube towards the end of February.
Using the printed fingerprints, Cao and Jain were able to spoof the actual fingerprints of the owners of a Huawei Honor 7 and a Samsung Galaxy S6.
Jain spoke to SCMagazineUK.com and told us that there are two research teams within his lab, one that works on fingerprint technology and another which works on face recognition.
It's not too hard to imagine face recognition being spoofed by simply presenting a printed colour face in front of a camera. This, said Jain, “piqued our curiosity to see if the capacitive fingerprint sensors on mobile phones can be spoofed in a similar fashion by presenting a printed 2D fingerprint image”.
To confirm this suspicion, Jain and Cao carried out the experiment on the two models of smartphone. Jain added, “Our method may also work on other traditional capacitive fingerprint sensors, which are not embedded in mobile devices.”
This isn't the first time mobile biometric security has been hacked. Germany's own Chaos Computer Club cracked the iPhone 5s's fingerprint security days after it was released. The disclosure, posted on the club's website, read, "This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided."
Cao and Jain came to similar conclusions. They wrote, “Hackers can easily generate a large number of spoofs using fingerprint reconstruction or synthesis techniques. This experiment further confirms the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment.”
While the authors admit that not all of the newer models may be vulnerable in the same way, “It is only a matter of time before hackers develop improved hacking strategies not just for fingerprints, but other biometric traits, as well, that are being adopted for mobile phones.”
Huawei and Samsung did not respond in time for publication.