New Idea-using paper and ink, you can break the fingerprint reader of your smartphone
Do you think fingerprint recognition has a high security factor? Let's take a look at the new idea of fingerprint recognition.
In today's era of rapid development of Internet technology, security and convenience are like the fish and the bear's paw. If you want more convenience, you may have to sacrifice some security at the cost.
However, fingerprint recognition systems in smart phones can ensure user data security while providing convenient operations.
If your smartphone provides fingerprint recognition, you only need to put your finger on the fingerprint sensor of your mobile phone to unlock your mobile phone. When your device is locked, the bad guys cannot obtain the private data on your mobile phone, which ensures your security. At the same time, the user does not need to manually enter the unlock password when unlocking the mobile phone, which ensures the convenience of mobile phone operation.
However, the fingerprint recognition feature has a design defect. Because the user's fingerprint information is not confidential data, the user may leave their fingerprint in many other places, and the fingerprint information can be copied by taking photos or other methods.
Previously, Apple released the first mobile phone with a biometric identification feature (Touch ID) to the outside world, that is, the iPhone 5 S. Soon after, a hacker at the chaotic Computer Club (CCC) used the stolen fingerprint data to spoof the fingerprint sensor of the mobile phone and successfully unlocked the mobile phone.
During the hacker's "attack", he captured the fingerprint information of the target user through a high-resolution image, and then according to the fingerprint information in the image, the printer and a large amount of toner were used to create a mold with the same fingerprint, and finally a simulation of the wood rubber finger was created.
Another group of security researchers also used the same method to successfully crack the fingerprint sensor of Samsung Galaxy S5. This means that the design defects in fingerprint recognition not only exist in Apple devices.
Now, two more security researchers have simplified and improved the attack process. They used a common 2D inkjet printer, conductive ink cartridge, and AgIC kit to successfully copy fingerprint information.
In this way, we do not have to wait until the glue is dried. We only need to scan the fingerprint information of the target user in the computer and print it on a special paper.
Kai Cao and Anil K. Jain are two researchers from the College of Computer Science and Engineering at Michigan State University. They showed people their research results in a short video last month and demonstrated how to trick fingerprint recognition devices.
The researchers said they analyzed and tested two different models of smartphones, one of which is Samsung's Galaxy S6 and the other is Huawei's honor 7.
This spoofing technology was successfully tested on both phones. However, compared with Samsung Galaxy S6, the fingerprint recognition system of Huawei honor 7 is more difficult to crack (during the test, researchers need to make multiple attempts to unlock Huawei honor 7 ).
Security researchers wrote in the study: Our research further confirms that fingerprint recognition systems in smartphones urgently need anti-spoofing technologies to protect users' data security. In particular, more and more mobile devices are using fingerprint recognition systems for mobile phone unlocking and online payment.
Manufacturers of smartphones are constantly trying to develop new biometric technologies, such as Iris and facial recognition. But how long does it take for hackers to crack these identification technologies? We do not know.