Experts tricked the fingerprint scanner with glue

Tricked the fingerprint scanner
Written by Emma Davis

Kraken Security Labs tricked the fingerprint scanner into finding a way to copy fingerprints on a budget a way to copy prints on a budget: $ 5, a laser printer and wood glue are needed.

Information security specialists have previously proposed various methods of deceiving fingerprint scanners, but, as a rule, these methods required significant investments or the presence of special equipment. For example, experts made a wax dummy of a hand for biometric authentication systems for vascular risk, law enforcement officers created copies of prints on 3D printers, and so on.

Researchers at Kraken Security Labs have come with a cheaper and easier way. As the team has demonstrated, stealing someone else’s fingerprint can be taken by taking a photo of it using any modern smartphone camera. The resulting print is then converted to negative using photo processing software. Even this basic editing is enough to get your sample ready for print, meaning you don’t need a high-resolution DSLR camera.

Any laser printer capable of working with transparencies usually used to make various cards, stencils, and overlays is suitable for printing. In this case, a laser printer is used because it can “etch” the print, making it three-dimensional.

After printing, a user needs to apply wood glue to the resulting fingerprint and let it dry. As a result, the resulting fingerprint will be able to fool almost any fingerprint scanner, for example, used in the new MacBook Pro.

We were able to carry out this attack on various devices that our team had for testing. If this were a real attack, the researchers say we would have access to a huge amount of confidential information. – Fingerprint should not be seen as a secure alternative to a strong password. Otherwise, your information (and possibly your crypto assets) will be vulnerable even to the most inexperienced intruders.

Protecting Yourself From the Attack
Protecting Yourself From the Attack

A fingerprint should not be considered a secure alternative to a strong password. Doing so leaves your information โ€” and, potentially, your crypto assets โ€” vulnerable to even the most unsophisticated of attackers.

It should be clear by now that, while your fingerprint is unique to you, it can still be exploited with relative ease. So, at best, you should only consider using it as second-factor authentication (2FA).

Let me remind you that we also wrote that VHD and VHDX images can help to bypass Windows and antivirus protection.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About the author

Emma Davis

I'm writer and content manager (a short time ago completed a bachelor degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.

Leave a Reply

Sending