{"id":79813,"date":"2016-03-23T17:45:53","date_gmt":"2016-03-23T21:45:53","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2022-10-28T14:01:04","modified_gmt":"2022-10-28T18:01:04","slug":"fake-fingerprints-open-galaxy","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/fake-fingerprints-open-galaxy\/","title":{"rendered":"Fake Fingerprints Can Open Your Phone"},"content":{"rendered":"

– Updated 03-30-2016 –<\/strong> The Business Insider<\/a><\/em> proves<\/a> that you can use Play-Doh<\/strong> to fool the fingerprint sensor in your Phone.<\/p>\n

—<\/p>\n

\"Fake<\/a>I have pointed<\/a> out a<\/a> number of times that biometrics will not be the complete final solution for passwords.\u00a0Biometrics<\/strong> is the measurement and statistical analysis of people’s physical and behavioral characteristics. The technology is mainly used for identification and access control.<\/strong> The basic premise of biometric authentication<\/a> is that everyone is unique. An individual can be identified by his or her intrinsic physical or behavioral traits.<\/p>\n

\"Fake<\/strong>There is a huge issue with biometrics.\u00a0 You can’t change your intrinsic physical or behavioral traits<\/strong> if they get stolen or hacked. Well, now there is more proof that biometrics can be hacked without cutting off a finger.<\/p>\n

Hack mobile phone\u00a0authentication<\/h3>\n

Two smarty Sparty’s from Michigan State University<\/strong>\u2019s<\/a> biometrics group<\/a> has figured out a way to hack mobile phone fingerprint authentication<\/a>.<\/strong> According to Help Net Security<\/a><\/em>, the MSU researchers can hack your secure phone by using just a scanner, a color inkjet printer, a special type of paper, and ink.<\/p>\n

\"AgIC<\/a>Turns out that the attack is easy to execute.\u00a0The first step is to scan the target\u2019s fingerprint<\/strong> image at 300 dpi or higher resolution. Then, the image is mirrored and the original or binarized fingerprint image is printed<\/strong> on the glossy side of an AgIC special paper. The printer uses\u00a0AgIC silver <\/strong>conductive ink<\/a><\/strong> cartridges (along with normal black ink).<\/p>\n

Magical conductive ink<\/h3>\n

CrunchBase<\/em>\u00a0explains<\/a> that advances in material science have made it possible to manufacture almost magical conductive ink. AgIC silver conductive ink\u00a0has tiny silver particles<\/strong> and can be purchased online<\/a>. The ink is printed by standard <\/strong>Brother<\/a> printers<\/a><\/strong>. The ink dries in a few seconds and conductivity emerges instantly when the traces are drawn on special photo inkjet printing paper also available online<\/a>.<\/p>\n

\"spoofedAll in all, an attacker can have a spoofed fingerprint<\/strong> that would allow him to access<\/strong> a phone<\/strong> protected with fingerprint authentication in less than 15 minutes, and the cost of all the tools he needs to do this does not surpass $500.<\/p>\n

Researchers Kai Cao and Anil Jain successfully managed to fool the fingerprint sensors<\/strong> on the\u00a0Samsung<\/a><\/strong> (005930<\/a>) Galaxy S6<\/a> and\u00a0Huawei<\/a><\/strong> (002502<\/a>) Hornor 7<\/a> phones.<\/p>\n

They posted a demo of the attack on YouTube:<\/p>\n