Scientists Have Discovered a Way to Recreate Your Fingerprint and Hack Your Phone

Impact

Logging into your phone with a scan of your fingertip is supposed to be the safest way to secure your phone. But a new study shows that may not be the case.  

A team of researchers at Michigan State University have shown that for less than $500 they can hack your phone. The method involves scanning an image of someone's fingerprint, reversing the scan so it's correctly oriented and printing it on a special piece of paper with silver conductive ink. Once a fingerprint has been stolen, it can't be so easily replaced. 

This is a far simpler exploit than a previously publicized attack which involved taking an image of a user's actual fingertip and manufacturing a fake fingerprint using wood glue or latex. Still others have come up with a range of tactics for stealing fingerprint data, including obtaining a fingerprint scan stored on an actual phone.

Though quick and automated, the study's procedure does have its flaws. It requires a 300 dots-per-inch resolution scan of the fingerprint in order to work effectively and that may be difficult to get. 

"Typically [you can get it] with the cooperation of the person (collusion) or if the person leaves a close to complete print on the surface he/she touches," Anil Jain, co-author of the Michigan State University study and professor of computer science and engineering told Mic.

Kai Cao, co-author of the study and postdoctoral researcher at MSU, said the study is aimed at debunking myths that biometric security is a cure-all for mobile identity security. Now, he says, he and Jain plan to develop anti-spoofing technology that would prevent hackers from stealing biometric identification in the future. 

h/t Boing Boing