Hackers can steal fingerprint from a PHOTO
Nirapad News : Hackers have already proved they can bypass Apple’s fingerprint scanner using a collection of household items to make a latex replica print.
And now, one expert has recreated the fingerprints of Germany’s Minister of Defence, Ursula von der Leyen, using just a photo of her.
The security researcher known as Starbug, used publicly available software called VeriFinger with photos of the finger taken from different angles.
Starbug, whose real name is Jan Krissler, told attendees of the Chaos Computer Club’s (CCC) 31st annual congress in Hamburg, Germany, how he achieved the hack.
Mr Krissler obtained a high-resolution photograph of the politician’s thumb using a ‘standard photo camera’ during a press conference.
He also used other ‘good quality’ photos of the politician, taken from a variety of angles.
From these images, he reconstructed an accurate thumbprint using the VeriFinger software.
This software is good enough, according to CCC, to fool fingerprint security systems.
‘These fingerprints could be used for biometric authentication,’ it wrote in a blog post.
Hackers have previously demonstrated how easily fingerprints can be stolen from an individual who has touched a shiny surface, such as a smartphone screen,
But CCC said that with ‘this knowledge there will be no need to steal objects carrying the fingerprints anymore,’ meaning that people could potential steal someone’s fingerprint identity from photos posed on social networks, for example.
Starbug said: ‘After this talk, politicians will presumably wear gloves when talking in public.’
They then poured latex milk or white wood glue into the print pattern created by the toner onto a transparent sheet.
Once the glue had dried, they peeled off the thin latex sheet and pressed it on the scanner of the iPhone to unlock the handset, which launches two days earlier.
During the launch, Apple claimed the new iPhone with a fingerprint sensor was ‘much more secure than previous fingerprint technology.’
At the time, Starbug said: ‘As we have said now for more than years, fingerprints should not be used to secure anything.
‘You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.’
CCC first published the steps taken to bypass fingerprint scanners in 2004 and they claim that it uses everyday household items – meaning anyone can do it.
Security expert Graham Cluely said: ‘It’s worth remembering that fingerprints are not secrets.
‘You literally leave them lying around everywhere you go, and they could be picked up by others.
Relying on your fingerprints to secure a device may be okay for casual security – but you shouldn’t depend upon it if you have sensitive data you wish to protect.’