Fingerprints can be reproduced from publicly available photos

At a conference in Hamberg Germany this weekend, biometrics researcher Jan Krisller demonstrated how he spoofed a politician’s fingerprint using photos taken by a “standard photo camera.”

Krissler speculated that politicians might even want to “wear gloves when talking in public.”

The Chaos Computer Club, which put on the conference, and Krissler, who goes by Starbug, have demonstrated their ability to breach fingerprint sensors in the past. Shortly after the first Touch ID-equipped iPhone came out, the Chaos Computer Club was the first group to demonstrate that it is possible to beat Touch ID by creating a fake latex finger from a fingerprint left on glass or a smartphone screen.

Krissler claims he isolated German Defense Minister Ursula von der Leyen’s fingerprint from high-resolution photos taken during a public appearance in October using commercially available software called VeriFinger.

Although there are some advantages to a biometric access over traditional passwords — you can’t lose your fingerprint, and it can’t be phished — as the technology goes mainstream, it’s raising its own security issues. In addition to the spoofing problem, there’s a debate in the United States whether a law enforcement officer can compel you to unlock your device with your finger.

Most iOS devices now come with Touch ID, Apple‘s fingerprint security hardware. A recent Apple patent shows a way to beef up fingerprint reader security by adding a swipe motion.

Fingerprint readers aren’t standard on Android phones, but several devices already have them installed, and source code indicates that Google has been working to add system-wide fingerprint scanning support.

Source : Fingerprints can be reproduced from publicly available photos, Kif Leswing ( https://gigaom.com/2014/12/29/fingerprints-can-be-reproduced-from-publicly-available-photos/ )

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s