finger100736642orig
Security

Scientists give biometric security systems the (fake) finger

Researchers have fabricated a wearable fake fingertip that is able to fool biometric security systems.

The spoof digit end features a number of properties found in human skin, and is being used to test the two main types of fingerprint reader.

Most readers – such as those used to unlock smartphones and currently being trialled at Canberra International Airport – are either optical or capacitive. Optical readers use light rays to capture an image while capacitive use electrical current to create an image.

"This new spoof has the proper mechanical, optical and electrical properties of a human finger. Compared to current fake fingers that only contain one or two of these properties, our new version could prove much more challenging to detect,” said Anil Jain, a biometric expert at Michigan State University who led the team to make the wearable.

The fake fingers were created using conductive silicone, silicone thinner and pigments, cast in a mould.

"What makes our design unique is that it mimics a real finger by incorporating basic properties of human skin," said Jain.

The researchers will use the dummy digit to test the recognition accuracy between different types of readers, which is often poor. For example, if a capacitive reader was used to capture a fingerprint, but an optical fingerprint reader was later used to authenticate that same fingerprint, it's less likely the print will be accurately identified.

By using the new spoof, companies could develop methods to improve the accuracy, the researchers said.

Read more:Doctor warns Govt: Don’t ‘Get Smart’ against Medicare Machine

"Given their unique characteristics, we believe our fake fingers will be valuable to the fingerprint recognition community," said Jain. "Consumers need to know their fingerprints and identity are secure, and vendors and designers need to demonstrate to the consumers the technology is not only accurate but also resilient to spoof attacks. It will help motivate designers to build better fingerprint readers and develop robust spoof-detection algorithms."

Facing facts

A wide range of smartphone models include a fingerprint scanner, the first being the Toshiba G500 in 2007. The technology found a mass market when Apple introduced Touch ID to the iPhone 5S in 2013 (after buying biometric company AuthenTec for nearly $360 million in 2012).

It was quickly discovered that the Touch ID authentication system, and others, could be defeated using a latex copy of someone's fingerprint, according to a German hacking group.

Read more:Parliament passes telco security laws

Fingerprint scanners are commonly used at US airports and in home security locks.

“As fingerprints continue to become a key to access society’s confidential data, social benefits, networks, and buildings, the need to know and quantify fingerprint recognition accuracy is paramount,” Jain added.

Apple is now moving towards a different biometric – the users face. The upcoming iPhone X will use Face ID, technology that unlocks your iPhone X by using infrared and visible light scans to uniquely identify a user’s face. The company says it will work in a variety of conditions and is extremely secure. Though no one outside Apple has yet been able to confirm how well it works.

Competitor Samsung featured an iris scanner on its now defunct Galaxy Note 7, which could make it to future Galaxy handsets, it is reported.

Read more:Victorian hospitals to trial ‘anti-hacking’ devices

One in three Australians has a fingerprint scanner on their smartphone, according to Deloitte’s 2016 Mobile Consumer Survey. Almost 70 per cent regularly use the capability, making an estimated 100 million imprints a day.

IDG Insider

PREVIOUS ARTICLE

« HTC Vive vs. Oculus Rift vs. Windows Mixed Reality: What's the difference?

NEXT ARTICLE

Intel may tie future Core CPUs to the VR trend with dedicated features »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

Tech Cynic: VR, the never-popular technology

Tech Cynic – IT without the rose-tinted spectacles

Five months on, GDPR doubts remain for this lawyer

Martin Veitch's inside track on today’s tech trends

How can smart solutions help address Southeast Asia's urban challenges?

Keri Allan looks at the latest trends and technologies

Poll

Is your organization fully GDPR compliant?