Two researchers at the Michigan State University have found a cheap and faster method of hacking smartphones that use fingerprint biometrics to secure and lock the user’s data. Kai Cao and Anil K. Jain from the Department of Computer Science and Engineering at Michigan State University have devised a simpler technique that uses an off-the-shelf printer and special photo paper to spoof fingerprints that can be carried out under 15 minutes. This process is significantly faster than current fingerprint spoofs that depend on 3D printing, which take more than twice the time. According to the duo, their attack is much more effective than the one that Germany’s Chaos Computer Club (C3) came up with when the iPhone 5S was launched, which involves a 2.5D printed gummy finger made from the author’s fingerprint. The researchers said that anyone can lift a smartphone’s owner fingerprints, even from the stolen phone itself, scan it at 300 dpi, flip it horizontally, and then printed on the glossy side of the special AgIC paper that resembles photo stock, using a conductive ink that contains silver. They can then cut out the fingerprint, put it over the phone’s fingerprint scanning sensor (whichever that may be, depending on brand), and the phone will identify the fingerprint and allow the attacker access to the data. All of this takes around 15 minutes to carry out. The Michigan State researchers, Cao and Jain, tested four phones, unlocking two successfully. They were a Samsung Galaxy S6, Huawei Honor 7, iPhone 5s, and Meizu MX4 Pro. The researchers said that while the Samsung was easy to crack, the Huawei phone needed more attempts. However, they could not unlock the Apple and Meizu ones. Cao told Quartz that the spoof worked on the iPhone during an earlier attempt, but it didn’t work when he tried to repeat the result for the technical report. “We unlocked it at the start of the project, but when we prepared the report, I could not unlock the iPhone. I used the same protocol and method. I’m not sure why it didn’t unlock,” Cao said. Chaos Computer Club in Berlin, a non-profit that works on security and privacy in technology, had earlier come up with a well-known fingerprint spoof that involved printing the target fingerprint with latex milk or wood glue. First described in 2013, that process, sometimes called 2.5D printing, had successfully unlocked an iPhone 5s. However, the problem with this technique is that the fabrication of the print depends on the hacker’s experience, to some degree, and it takes up to half an hour for the fabricated print to dry. But the new system proposed by Cao and Jain means that fingerprints can be generated more quickly. “Hackers can easily generate a large number of spoofs using fingerprint reconstruction or synthesis techniques, which is easier than 2.5D fingerprint spoofs,” the report said. Some companies say they have technology that will stop these spoofs from working. A firm called Goodix has a sensor that detects a user’s blood flow, thus preventing printouts, whether 3D or 2D, from unlocking a phone. As we are going to be using lots of devices that have fingerprint sensors and biometrics for online security in the future, the report shows how insecure this validation system really is for today’s tech environment. According to market research firm IHS, the number of fingerprint sensors inserted in devices will grow from 499 million in 2015 to 1.6 billion units in 2020, which is something the Michigan State fingerprint spoofers are worried. “We want to emphasize the urgent need for anti-spoofing technology because more phones are using fingerprint sensors,” Cao told Quartz. For more details, please consult the Hacking Mobile Phones Using 2D Printed Fingerprints research paper. Below is a video of the attack.
