Android smartphones
offering biometric security can be tricked into unlocking with
2D fingerprints, say researchers – and all you need is some glossy paper
and an Inkjet printer.
According to a paper published by Michigan State University
researchers Kai Cao and Anil Jain, fingerprint scanners on Android devices can
be duped with a high-resolution photo of the owner’s fingerprint. Photos
need only be flipped horizontally and then printed on a certain paper with
photo-conductive ink cartridges.
The flaw doesn’t appear to be limited to just one
model of smartphone, as researchers were able to fool a Samsung Galaxy S6
and Huawei’s Honor 7 using the same method.
Fingerprint sensors have become an increasingly
common form of smartphone security since debuting on the iPhone 5s back in
2013. As ZD Net points out, though, no system is perfect, and the
iPhone was breached within weeks using a latex material.
That hasn’t stopped developers experimenting with
biometrics, just as it hasn’t stopped cybercriminals experimenting with
potential hacks. As the Daily Mail reports, it was recently suggested that an iPhone
could be broken into with Play-Doh – although it requires the phone’s owner to
press their finger into the modeling material for five minutes.
Meanwhile fingerprint scanners aren’t the only biometrics that manufacturers are
experimenting with – heartbeat monitors are being trialled as a way to provide
secure banking, and even wearables that measure your gait.
According to the two Michigan State University
researchers, these too could be susceptible to attack. “It is only a
matter of time before hackers develop improved hacking strategies not just for
fingerprints,” says the report, “but other biometric traits as well that are
being adopted for mobile phones”