Most Fingerprint Scanners Could Be Vulnerable To Exploit Within 20 Minutes

It seems the security experts need to work on developing some other technology for security considering the back-to-back threats to biometric authentication, particularly, the fingerprint scans. Recently, some Chinese hackers have claimed that they can hack any fingerprint scanners within minutes. This even applies to smartphones including iPhones that require fingerprint scans.

Researchers Claim To Hack Fingerprint Scanners

Reportedly, hackers from X-Lab have developed a system that can hack any fingerprint scanners in 20 minutes. They can even bluff an iPhone Touch ID using their technology. The researchers have demonstrated their system at the  GeekPwn 2019 conference held in Shanghai.

In brief, they have developed an app through which they can replicate fingerprints pictured from any surface. As reported by Forbes, the researchers asked some members to touch a glass surface. They then photographed the surface through their smartphones to capture the fingerprints. After passing the images through the app, they could then unlock the registered devices with ‘cloned’ fingerprints.

While they didn’t precisely explain the technology, it seems they presumably used 3d printing to clone the fingerprints. Nonetheless, using the cloned fingerprints, they seamlessly unlocked three different smartphones and two attendance machines at the conference.

According to X-Lab, they can easily defeat all three fingerprint scanning technologies popular in the industry: the ultrasonic (such as the one in Samsung Galaxy S10), capacitive, and optical.

Moreover, Chen Yu, team leader X-Lab, later told the media,

For this attack, the hardware cost more than RMB 1000 (US$140) in total, and the software is just one phone and one app.

Not The First…

With this research, X-Lab claimed to be the first to overthrow fingerprint security.

However, they clearly aren’t the first to meddle with fingerprint scans. If it is about unlocking devices, then we have recently witnessed how a mere cheap silicon cover could ditch the security. And, if we think of sophisticated technology to clone fingerprints, then researchers have already developed DeepMasterPrints, using which they can bluff any fingerprint recognition system via synthetic fingerprints.

Nonetheless, what seemingly makes X-Lab’s work unique is its ability to extract fingerprints from random surfaces. This even includes copying the fingerprints from a drinking glass.

Chen Yu advises the users to simply wipe off any surfaces that they touch to clear their fingerprints.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil