Vulnerabilities in Fingerprint Scanners

Can a Fingertip Really Secure Your Smartphone?


Fingerprint readers have become common in smartphones. During the past half-decade, fingerprint sensors have been incorporated into a rising number of top-end devices as an added convenience, but are increasingly a standard feature in many cases. One swipe of the finger unlocks a phone, giving access to apps and services. But this handy feature may be leaving security holes that can be exploited for nefarious purposes.

Last week, researchers at New York University and Michigan State University published findings that suggest smartphones can easily be fooled by fake fingerprints digitally composed of many common features found in human prints. In computer simulations, researchers were able to develop a set of artificial "master prints" that could match real prints similar to those used by smartphones.

Although no two individual fingerprints are identical and full prints are difficult to counterfeit, fingerprint scanners on smartphones are so small that they actually only read partial fingerprints. When a user sets up fingerprint security on a phone, the device typically takes eight to 10 images of a finger to make it easier to make a match. Many users record more than one finger — usually the thumb and forefinger of each hand. A finger swipe has to match only one stored image to unlock the phone, and the system is vulnerable to false matches.

The researchers didn't test their results in a wider real-world study. Nonetheless, the team's conclusion that the use of partial fingerprints for verification can be spoofed so easily is worrisome. Phone makers have acknowledged that fingerprint sensors aren't perfect, but these findings raise questions about the effectiveness of fingerprint security on smartphones.

Current smartphones don't support military-grade biometrics. These fingerprint readers aren't bulletproof, despite being increasingly used for financial transactions, which require a high level of security. Device makers will increasingly explore multifactor authentication to approach foolproof methods of verification, and we have already seen other technologies such as iris recognition being implemented. The novelty stage of biometrics in mobile devices has passed and suppliers of biometric sensors will need to continue exploring more-advanced security. This includes larger or higher-resolution fingerprint sensors to reduce the risk of biometric hacking, and, even better, combining more than one security measure to protect users further.

This entry was posted on April 18th, 2017 and is filed under Devices. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Posted By Raghu Gopal On April 18th, 2017


Comments
(There are no comments yet)
Leave a Comment

Hot News

Team Tweets

CCS Insight
RT @MarinaKoytcheva: Honoured and happy to be part of the Women in Tech feature of Intercity Tech Magazine: https://t.co/hBEiZ57LAf Such…
Follow CCS Insight
Shaun Collins
RT @geoffblaber: There's some superb insights in our Tech Enthusiast survey across Wearables, VR & Smart Home. Average respondent owned 1.5…
Follow Shaun
Ben Wood
Adidas out of wearables as it disbands it’s Digitals Sports biz. Interesting to see what happens to @Runtastic… https://t.co/8ZA4mdzKIj
Follow Ben
Martin Garner
RT @MarinaKoytcheva: Honoured and happy to be part of the Women in Tech feature of Intercity Tech Magazine: https://t.co/hBEiZ57LAf Such…
Follow Martin
Geoff Blaber
I've heard this before.. "consumer opinion will limit the impact of the #NetNeutralty reversal". I don't buy it. It… https://t.co/fXrLjShY96
Follow Geoff
Marina Koytcheva
RT @CCSInsight: Our survey of 2,100 tech enthusiasts shows many have plenty more smart gadgets on their shopping lists https://t.co/DaaVoF8…
Follow Marina
Nicholas McQuire
Goodbye San Jose. A big thanks to @CitrixAR for hosting a superb event with such great content. Look forward to nex… https://t.co/E9o6ZISYuO
Follow Nicholas
Paolo Pescatore
This evening’s Premier League match #MCITOT has a 360 degree livestream & video clips within enhanced player of BT… https://t.co/LroiLAuF0u
Follow Paolo
Kester Mann
Disappointed @O2 didn't stick this out for longer. Was always going to take time to articulate benefits and initial… https://t.co/I2vfrqUnUr
Follow Kester
George Jijiashvili
RT @MarinaKoytcheva: Honoured and happy to be part of the Women in Tech feature of Intercity Tech Magazine: https://t.co/hBEiZ57LAf Such…
Follow George
Laura Simeonova
RT @CCSInsight: Optimization for artificial intelligence defines competitiveness in mobile chipsets in 2019 and beyond #ccspredicts https:/…
Follow Laura
Katie Taylor
RT @guardianscience: Scientists make first ever attempt at gene editing inside the body https://t.co/e8u0BT9a09
Follow Katie

Recent Blog Posts

Blog Post
Will Car Ownership Soon Be a Thing of the Past? Singapore Launches an Electric Car-Sharing Scheme On Tues... Read more
Blog Post
Survey Signals Appetite for More Devices CCS Insight Research Reveals Huge Demand for Smart Gadgets a... Read more
Blog Post
Brute Force Verizon and NFL Ink Five-Year, $2 Billion Streaming Deal On... Read more
More blog

Latest Company News

Blog Post
CCS Insight Predicts 1 Billion Users of 5G by 2023, with More Than Half in China 5G to take off faster than any previous mobile technology ... Read more
More news