Fingerprint sensors are not the guarantee to privacy


Biometric authentication is the latest, shiniest toy for large tech companies, especially among manufacturers of smartphones. Technology like fingerprint sensors, iris scans, facial image recognition and voice recognition used to be the stuff of sci-fi movies. But now, thanks to companies like Apple, biometric recognition systems (especially finger scanning), are directing modern smartphones into miracles of ease and suitability. A finger touch can easily unlock a phone without the requirement of a password. A simple fingerprint touch can help you in paying bills, buying groceries, and transfer hundreds worth of money. However, while may be super convenient, it can leave a massive gap in personal security.

In April 2017, a report was published by New York University and Michigan State University regarding fingerprint hacking. The fingerprint sensors present on your phones and tablets are previously imperfect with weak security protection. They do not guarantee privacy. The researchers emphasize that the sensors are tiny. They can only grab a small portion of the fingerprint. Therefore, it increases the possibility of matching with another fingerprint which is even slightly similar to yours.

The report revealed that smartphones could easily be fooled by false fingerprints, which are composed digitally of several features noticed in individual prints. By computer replications, the researchers were able to form a set of artificial Master Prints. These master prints can match the real prints, which are similar to those used by the phones as much as 65 percent of the day.

Human fingerprints are extremely difficult to fake. However, finger scanners on the phone can read the partial prints only when you set fingerprint security on your smartphone. At that time the phone usually records almost eight to ten images of a finger to make the matching easy and straightforward. Since a single finger swipe has to match only one retained image to unlock the phone, nearly all phones are vulnerable to fake matches.

What is fingerprint scanning?

Fingerprints scanners are recognition systems known as snoop level technology. Over the past few years, fingerprint scanning has become completely universal and omnipresent. In fact, biometric technology is very beneficial to law enforcement agencies and various other organizations.

Fingerprint scanning is a process of obtaining and storing human fingerprints by electronic means. The digital image gained after scanning is known as finger image.

It is a biometric procedure which includes the automatic capture, examination, and evaluation of specific characteristics of the human body. There are various methods by which a device or tool can capture the details, such as the pattern of both branches and raised areas, in the image of the human finger. The most usual and familiar methods include optical, tactile, and thermal. All these methods work by using heat emission analysis, pressure analysis, and visible light analysis.

How does it work?

The process of scanning begins when you put your finger on a glass plate. After this, a CCD camera captures a picture of your fingers. The scanner consists of a light source. From the scanner, a wide range of light emitting diodes to illuminate the raised areas, i.e., ridges of the finger. In the meantime, the CCD system produces a reversed image of the finger. The dark regions signify more reflected light while the lighter areas characterize less reflected light.

The scanner processor makes sure that the image obtained is clear, inspects the pixel darkness, and discards the scan if the image captured is not perfect, i.e., it is too dark or too light. After rejection, the scanner tries to scan the image again after adjusting exposure.

If the fingerprint image is of good definition, then a line flowing perpendicular to the raised areas will be made up of alternating sections of extremely dark pixels and extremely light pixels.

When a hard, crispy, a properly exposed image is obtained so, the processor compares it with the taken fingerprint with other prints on the file.

Fingerprint hacking

The fingerprint detection is set up on several smartphones. These biometric validations are more critical and vibrant in China. Especially now since smartphone-based e-wallets and cell phones payments are highly popular in the country.

A vital and acute concern of the fingerprint technology is that it can easily get hacked. Although it seems complicated and impossible, it does happen. Some hackers use a 3D printed mold, which is made from a retained fingerprint image. Fingerprints can get stolen despite firewalls and security. PIN codes and passcodes can quickly change, but a fingerprint does not change. One-time credential theft becomes a lifetime of susceptibility and vulnerability.

The cybersecurity expert and military commentator of People’s Liberation Army recently rekindled the warning. He said on a China Central Television (CCTV) program, that the security protection can get hacked. Malicious and vicious people can fake your fingerprint with the help of tools which are as plain as a translucent film and a circuit scribe. The film with ink from the circuit marker gets attached to cover half of the phone’s fingerprint reader. And the owner can use his finger for unlocking the phone even though the sensor reads only half of the print.

The sensing and matching of fingerprints algorithms assumed by Apple’s iOS and Android systems are based on machine learning algorithms. It’s an advanced process which occurs in minutes to allow the user to unlock the phone. The user puts his finger on the reader while using a capacitive touch to take in the image of a print and updating the print image which is already stored in the phone. However, similarly, a deceiving ink pattern on a translucent film can count as an update to the stored image.

China Central Television (CCTV) programs exhibit that at times low-tech knock-off fingerprints which are comprised of film and circuit-copyist ink has deceived individuals and opened a few telephones. These telephones have a place with probably the most eminent organizations like Apple, Huawei, Samsung, and Xiaomi.

It is an unmistakable admonition that fingerprints can get hacked. In any case, not at all like passwords, you can’t change your fingerprints. Consequently, a solitary certification robbery regularly prompts a lifetime weakness. That is the reason most network safety specialists convince clients to use two-factor validation. With this, you can’t be sneaked around from the simplest of ways.

To maintain a strategic distance from the unique finger impression hacking, a year ago officials of Washington passed weighty enactment which disallows associations from gathering or selling the biometric data without the agreement of the person. Because of the rising concerns – in regards to the utilization of squeezed biometric identifiers to propel character extortion – the democratic proportion was 37-12 in kindness by State Senators and 81-17 by the house.