Friday, 1 November 2019

Tencent Security's X-Lab demonstrates ability to hack fingerprint scanners of all kinds

Image Source : abacus news
Although the first mobile phone to have a fingerprint scanner was a Motorola Atrix in 2011, it was only with the use of capacitive fingerprint scanners in iPhone 5S by Apple that they became really popular and all manufactures jumped in. 

Samsung claim that the ultrasonic fingerprint sensor used by them in their S10 is far more secure than the optical and capacitive types because their sensor maps the ridges and valleys of your fingerprint in 3 dimensions. This makes it impossible to unlock the S10 with a 2 dimensional copy of your fingerprint. However a flaw in the system was soon found by a woman named Lisa Neilson in the UK. She discovered that applying a readily available gel based screen protector made the phone unlock with anybody's fingerprint.

Lisa Neilson and her husband:
Image Source : The Sun

To add to that, in a recently held hacking event in Shanghai Tencent's X-Lab team made a live demonstration of their App which could generate an accurate 3 dimensional model of anyone's fingerprint just from a photograph of the person's fingerprint. For the demonstration, they asked a member of the audience to touch a glass. Then a photograph of the fingerprint was taken by the team leader Chen Yu, using his phone. In just 20 minutes they were able to make a physical clone which was then used to successfully unlock three phones registered with the audience member's fingerprint. Even more impressive was the fact that each of the phones used a different kind of fingerprint scanners - optical, capacitive and ultrasonic.

This really shows that though fingerprint scanning technology has made our digital lives more easier, they have given us a false sense of security. A traditional pin or password should still remain as the core protection for all your sensitive data and apps. 



No comments:

Post a Comment