Fingerprint scanners on smartphones are vulnerable to spoofing via simple inkjet printers, and can easily be unlocked using just a paper with the required scan on it, reveals a study by researchers at the Michigan State University.
Michigan University researchers Kai Cao and Anil K Jain showed in their paper that they were able to unlock Samsung Galaxy S6, Huawei Honor 7 by just using 2D fingerprints. For their attack, the researchers relied on the following: an inkjet printer, three AgIC silver conductive ink cartridges, and special AgIC paper.
The scientists used the left index finger of one of the authors, and then printed 2D fingerprint of the same to unlock these phones. This method of tricking the phone’s fingerprint scanner with a dummy finger is called spoofing. The researchers used a special conductive ink to print these 2D fingerprints.
According to the authors, the aim of this study is to show how weak the current fingerprint reliant systems are. They warn that hackers could also create a number of these 2D fingerprint spoofs that can successfully break fingerprint authentication in mobile phones. Once successful, hackers could also steal people’s identity, and other private information.
Furthermore the study says, that hackers can easily generate a large number of spoofs using fingerprint reconstruction techniques, and that smartphone manufacturers need to consider anti-spoofing techniques seriously.