What is a fingerprint and how can you fool a fingerprint scanner? Essentially, an imprint is papillary patterns on the skin. That is, protrusions and recesses that form a certain pattern. Each person has their own, individual ones.
Formation of papillary patterns
The formation of such patterns occurs around the 12th week of the fetus. At the same time, the nervous system is also formed. The pattern is influenced by many factors. This includes the position of the fetus in the womb, the genetic code, the state of the environment, the mother’s diet, and much more.
The pattern can be restored with minor damage to the epidermis. In this article we will look at whether and how it is possible to fool the fingerprint scanner, as well as how it works on modern phones.
Determining a person's identity by his fingerprint is one of the most reliable methods of identification. More accurate methods include only DNA analysis and retinal scanning.
How does a fingerprint scanner work?
The fingerprint scanner must do two things:
- Get pattern image
- Check if it matches the fingerprints in the database.
Scanning
Smartphones are now equipped with optical scanners. The principle of their operation is similar to that of a digital camera. A matrix of LEDs illuminates the pattern itself, and a microcircuit of light-sensitive LEDs takes a picture at this time.
When light hits an LED, it produces an electrical charge. Thus, a pixel is formed in the future image of the pattern. The color of the pixel varies depending on how much light hits it.
Pixels of different intensities form a pattern. Before matching the print with the database, the scanner checks the brightness and clarity of the image. If the results are unsatisfactory, the entire image acquisition process is repeated.
Fingerprint analysis
The resulting image is analyzed software. Recognition occurs using complex algorithms.
All patterns can be divided into three main types:
- arc,
- loopback
- helical.
Once the pattern type is determined, the scanner looks for minutiae. These are the places where the pattern line ends. For example, a line breaks or splits. The uniqueness of a fingerprint lies in the minutes. The scanner recognizes how the minutes are positioned in relation to each other. To do this, the entire drawing is divided into small zones. Each section includes a certain number of minutes. Their location data is recorded.
Similar areas of the fingerprint and database under study are analyzed. If the patterns are the same, the owner of the fingerprints is the same person. The scanner does not compare absolutely all lines of the pattern. It only looks for similar patterns in blocks and draws conclusions based on this data.
Types of fingerprint scanners
There are two types of optical scanners:
- Apple scanners (iPhone 5s and later) take a photo of your finger as it touches the phone's screen.
- Another type of scanner takes multiple images at once while you swipe the screen. This scanner was used in Samsung Galaxy S5 smartphones. Later the scanner was replaced with the first type. It is more convenient, but at the same time more expensive, since you need to use a large matrix.
All scanners of this type have one drawback: scratches and dirt can damage it.
Surely, many have ever wondered how to fool a fingerprint scanner and is it even possible? The answer is yes. Of course, the company understands now and understood before when creating similar phone functionality that any biometric system can be deceived.
It is enough to make an impression of the phalanx of the finger and touch it to the scanner. In addition, the owner of the phone can be forced to place his finger on the device.
Apple has thought of some security measures for such cases. But still the method has a right to exist. Older iPhone models can be fooled by simply printing a high-resolution photo of your finger.
As you can see, there are several ways to fool the fingerprint scanner. Moreover, if this is difficult to do on iPhones, then on smartphones with Android OS the situation is much simpler.
Not long ago, fingerprint technology was mostly associated with science fiction films. Now, even in budget smartphone Xiaomi has a fingerprint scanner. We will explain to readers the principle of its operation.
The fingerprint scanner (Touch ID) allows user identification based on the unique skin pattern on the fingertip. Each person has his own imprint and “pattern”, which is not repeated even in the case of identical twins.
A fingerprint allows you to identify any person, for example in the case of searching for criminals. As it turns out, Touch ID is also useful for smartphone users. With its help you can protect your smartphone from unauthorized access.
There are several types of scanners currently on the market. They all work on the same principle - the scanner reads the fingerprint of the smartphone owner and, when trying to unlock it, compares the “pattern” with the one that is pre-programmed in the device. If the fingerprint matches, the device will be unlocked. Otherwise an error message will appear.
Interestingly, scanners do not analyze the entire fingerprint pattern. Only some of the characteristic features or patterns are tested. This is, for example, branching, bifurcation or tearing off fingerprints.
Scanners convert the image into a template (template), and using an algorithm they compare the distance between curves and lines. This makes the verification process much shorter than if you had to analyze the entire fingerprint.
Algorithms confirm the fingerprint if approximately 40% of the minutes match the saved drawing. In practice, this is sufficient to identify a specific user and ensure fault tolerance.
Minutes (or “Galton’s points”) are areas of the skin pattern (points) that are unique for each finger, which show in which places the papillary lines merge, bifurcate or break off.
Types of fingerprint scanners
1. Optical scanner"captures" the entire finger panel and uses a CCD sensor (like most cameras) to do so. In areas where light does not reach (ridges), the sensor records "black" pixels, creating an accurately displayed image of the finger. Often optical scanners have a built-in light source (usually LED) to make the image as transparent as possible.
2. Capacitive scanner– instead of a matrix, special miniature capacitor circuits (capacitive sensors) are used. When we put our finger on this reader, the capacitance of the individual capacitors instantly changes. Capacitive scanners are much more accurate and more efficient than optical scanners because they are harder to fool.
3. Thermal scanner– it works similarly to a capacitive reader, but instead of microcapacitors they use microscopic thermal sensors that detect the temperature difference between the ridges and lobes of the finger pad. Such a scanner cannot be fooled by an imitation of a finger (i.e., a fragment with skin).
4. Ultrasound scanner– uses the phenomenon of diffraction, i.e. reflection and scattering of sound waves. When we put our finger on the reader, it begins to generate inaudible sounds for us. The behavior of sound waves at the points of contact of the “ridge” of the print pad with the scanner is completely different than in the “cavities” (where there is air). This allows the ultrasound scanner to create an accurate fingerprint of your fingerprint.
Which fingerprint scanner is better?
Currently the majority Xiaomi smartphones use capacitive readers, such as the popular Redmi Note 3 or Mi 5. However, much hope lies in ultrasonic scanners installed directly under the display, and this technology is likely to be most popular in the near future.
Touch function Smartphone ID, although very secure, is not 100% secure. With the right technology and tools, it is possible to create a fingerprint that can fool the scanner.
With the release of the iPhone 5s, Apple offered users an alternative method of unlocking smartphones and protecting important data - a fingerprint scanner. Since then, the fingerprint reading mechanism has been used in all mobile gadgets Californian corporation, and became one of the factors in the rejection of the usual “Slide to unlock” gesture.
Despite the fact that Apple engineers are constantly improving existing solutions, sometimes they fail. For example, the Touch ID fingerprint scanner may refuse to read the data of the smartphone owner. To ensure that Touch ID accepts your fingerprint correctly again iPhone owner, you need to do a few simple manipulations.
Enable Touch ID unlocking in Settings
Before you start looking for the cause of the Touch ID malfunction, you need to make sure that fingerprint recognition is enabled. To do this, go to Settings - General - Touch ID and password and check whether the ability to unlock the iPhone using a fingerprint is activated. To be sure, you can turn this option off and on again by moving the toggle switch.
Clear scanner
If the ability to unlock using a fingerprint is enabled, but the scanner does not respond, you can begin to find and solve the problem. The first step is to thoroughly clean the Touch ID scanner. Perhaps dust or other dirt has accumulated on it, particles of which prevent normal fingerprint recognition.
Update operating system up to the current versionApple releases major iOS update and macOS once a year. Throughout the year, less significant updates appear that correct minor errors in the operation of software and hardware devices. Perhaps the Touch ID fingerprint scanner is not working correctly due to outdated firmware. To update it you need to go to Settings - General - Software Update.
Correct finger placement
Sometimes the reason incorrect operation Touch ID scanner is due to incorrect finger placement. You need to make sure that your finger completely covers the fingerprint scanner, that you don't remove your finger too quickly, and that the system has enough time to scan.
Adding more fingerprints
Apple has provided the ability to add five different fingerprints with which you can unlock your iPhone. These can be different fingerprints from the same person, then when you try to unlock you won't have to use only one finger all the time. It could also be the fingerprints of family members who may be using the device.
When adding new fingerprints, make sure that the system fully and correctly read and recognized them. A partially scanned fingerprint will not allow you to unlock your iPhone in the future.
It is also worth making sure that the smartphone recognizes the owner’s fingerprints during the cold season. To do this, you need to add one scanned in the cold to the list of recognized fingerprints. Since low air temperatures can partially change the fingerprint, making it narrower, a scanner that stores a regular fingerprint in its database may incorrectly perceive a frozen fingerprint.
What's true and what's not when it comes to fingerprint sensors and multi-factor authentication in mobile devices?
It seems that not a single day can pass without news of hacking. As more and more data about our personal and business lives is shared online, the Internet has become a target for many criminals and other miscreants trying to get their hands on valuables. personal information or company secrets. This has made smartphones and personal computers very attractive targets for cybercriminals, which in turn has led to the use of fingerprint sensors as a means of reliably identifying the legitimacy of a device user.
However, there is a huge amount of misinformation associated with fingerprint sensors. Therefore, it is time to study the facts about these sensors and see if the belief that they can be easily hacked is wrong.
1. A fingerprint is easy to fake.
Not true. Despite what you see in movies or demos from security system vendors, faking a fingerprint by taking a photo with high resolution or restoring a latent fingerprint is extremely difficult. This technique is called a “spoofing attack” and is a technical challenge. Very few criminals would use this method, and if they did, it would only be to gain access to sensitive data, not to the average user's computer.
The main reason this Myth #1 exists is that demonstrating spoofing is very easy if you are a willing participant. With a lot of practice and a lot of patience, it is possible to create an imitation of your fingerprint by carefully making a mold from various materials such as glue and clay. But even this is not at all simple, and is made even more difficult by the constant emergence of new anti-spoofing algorithms.
2. Optical sensors are less secure than capacitive sensors because they store the actual image of the fingerprint.
Not true. A smartphone or PC that respects basic privacy and security principles will never store a complete image of your biometric data. They transform the data into a "template" where some parameters are retained and the rest are discarded. Then, when storing the abstracted data, the template is encrypted.
Since the template only stores certain information about the scanned image, and not the image itself, it is not possible to recover a fingerprint from the template. Therefore, even if the fingerprint template is somehow extracted, decrypted and read, this information will be useless to reconstruct the image of the original fingerprint. This basic principle applies to both optical and capacitive sensing technology.
3. If an attacker gets your fingerprint from your phone or computer, they can use it to access your phone.
Not true. As stated in Myth #2, the fingerprint image will not be saved in your PC or smartphone. And if fingerprints are not saved, then they cannot be stolen from your device.
4. Multi-factor biometric authentication in mobile devices is complex and expensive.
Partially true. This is easy because many mobile devices already have fingerprint sensors and front cameras, so expect to see rapid growth in the use of multi-factor authentication based on your fingerprint or facial image (Figure 1). Other combinations will likely follow, including retinal and voice recognition.
The difficulty is that combining multiple biometric parameters into a single trust criterion is a complex combination of science and art, and the algorithms for this must be carefully tested. However, you can expect them to be available in the very near future. Ultimately, we will see a robust ecosystem supporting universal multi-factor authentication across platforms and applications.
5. Contextual factors are not enough to ensure mobile device security.
True, but... it must be said that contextual factors alone are not enough to ensure the security of a mobile device. When combined with biometric authentication, they can be part of an overall very strong and user-friendly solution. For example, modern " smart watch" can remain unlocked as long as you do not remove them. In the future, your device will be able to use contextual factors such as location, proximity, room conditions, etc. to remain unlocked as long as you are in your office or authorize transactions without additional authentication.
6. Fingerprint sensors should be on the Home button or on the back of the smartphone.
Not true. Fingerprint sensors come in a wide range of designs, including thin sensors that can be placed in the power button on the side of the phone. In addition, the new sensors can detect fingerprints while working under protective glass screen, allowing you to remove the Home button and use the entire surface of the smartphone for the display. And in the future, we will see solutions where any area of the screen can effectively scan fingerprints. (Please note that the fingerprint sensor of the smartphone shown in Figure 2 is located behind the glass of the screen).
7. Biometric authentication is for security purposes only.
Not true. There are many ways in which this information can be effectively used once the user's identity has been established. For example, it can be used to customize the user interface or to take into account user preferences. Here's an example: Scanning a fingerprint on the engine start button sets seat positions, mirrors and infotainment options to suit the user's needs (or can even be used by the insurance company, car rental company, etc.). Scanning your fingerprint in a Smart Home can unlock doors, turn on preferred lighting and mood-setting music, and restrict access to certain features or areas of the home (when shown to a buyer).
8. Optical sensors are too large and consume too much power to be used for fingerprint scanning in mobile devices.
Not true. Nowadays, technological advances have made optical sensors miniaturized and efficient enough to be used in mobile devices, and they will be supplied in industrial quantities in the near future. And even better, some optical sensors create a deeper image of the fingerprint, allowing you to get more detailed information about the fingerprint that will be used in the template.
9. All fingerprint scanning solutions are the same, so price is a deciding factor.
Not true. Fingerprint sensor suppliers offer completely different solutions covering different technologies(e.g. capacitive and optical), different levels of security, many design options, a wide range of power consumption and durability characteristics, and especially software solutions.
This is not just a hardware fingerprint sensor. This is a two-pronged solution, where software and hardware work together as one, and both elements must include security features. The desire for cheapness may lead to phone manufacturers or someone in the ecosystem mobile payments will be left out of the market if proper safety measures are not followed.
10. Biometrics are too complex and expensive for use in enterprise environments.
Not true. Fingerprint-based solutions in enterprise environments are more secure than typical username and password configurations. They also eliminate cumbersome password changes and IT support calls, making them easier to maintain and support. IN modern world cloud business, where devices can connect to corporate networks anywhere in the world, this is very important. Additionally, legacy personal computers without biometric support can easily be upgraded with one of the peripheral fingerprint sensors on a USB key or a mouse with a built-in fingerprint sensor.
11. Encryption is sufficient to protect the fingerprint template.
Not true. The purpose of encryption is to protect the template file while it is stored, typically in small non-volatile memory. However, there are many cases where the pattern must be deciphered primarily during the matching process. During such operations, the template must also be protected.
In some cases, the security architecture will be a trade-off between security and cost. Such decisions include:
- Match in host:
A control processor is used to verify the fingerprint match. - Protected element:
Fingerprint matching is performed by a separate integrated circuit, usually with its own secure memory. - Match in sensor:
The entire matching algorithm and memory are built into the fingerprint sensor itself. It should be noted that the "coincidence in sensor" architecture provides safe start personal computer, preventing the system from booting before fingerprint authentication is confirmed.