If you buy a cell phone today, it likely has an option to unlock the device with fingerprint recognition technology. This feature appeals to a lot of people since it is more convenient and quicker than typing in a passcode. It also seems like a more secure option since only your unique fingerprint can unlock the device. However, researchers have discovered a big security concern with this type of technology.
Fingerprint scanners are a form of biometric security systems.
Biometric security is a method of authentication that uses the verification of an individual’s physical characteristics. Biometric technology can use fingerprint, eye, voice and facial recognition to verify an individual.
Fingerprint scanners became popular after Apple released the iPhone 5s in September of 2013. Following the introduction of this new feature, other companies started to release this technology in their phones as well. The technology is now widely available across several types of devices including some laptops and computers. The widespread use of fingerprint scanners is becoming a concern especially after new research suggests it isn’t as secure as we thought.
Researchers from New York University and Michigan State University have figured out a way to trick fingerprint scanners by using a printer and a special type of ink. The researchers used master prints to fool the fingerprint scanners. Their method bypasses smartphones by scanning a fingerprint in 300 dpi and printing it on conductive AglC paper with conductive silver ink. These prints could match other patterns up to 65% of the time.
The fact that the researcher’s technology could bypass the fingerprint scanners 65% of the time should make you reconsider using this feature on your phone. To put this statistic in perspective, understand that your phone is only protected 35% of the time. That isn’t a promising number.
Although researchers have found a major vulnerability in the technology, it isn’t too likely that someone would fool your fingerprint scanner. They would have to get physical access to your phone and also have access to the technology that can create master prints. However, your safest bet would be to deactivate the fingerprint scanner and use a traditional passcode. As more devices implement this technology, the more incentive there is for hackers to get access to the tools that can bypass such security features.
Another concern is that one of the most popular uses of the fingerprint scanning technology is for Apple Pay or Android Pay. This would give people access to any credit cards or debit cards that are linked to your phone. There could also be other vulnerabilities that haven’t been discovered yet, similar to what happened with Samsung’s facial recognition.
A video recently surfaced that showed how easily Samsung’s facial recognition could be fooled. All you needed was a picture of the person to unlock the phone. It is starting to become questionable how secure biometric verification really is. It is more of a convenience than a security measure.
Biometric authentication offers a very minimal layer of security. If an average person had access to your phone, they probably wouldn’t be able to access it. But even reps from Samsung admit that facial recognition isn’t the most secure option. It is just a faster option than the fingerprint scanner or passcode.
The best way to protect your information is to disable the fingerprint scanner and stick to using a traditional passcode to unlock your phone. To disable Touch ID on your iPhone, go to settings, then to Touch ID, and Passcode. Ensure “Turn Passcode On/Off is set to “On”. Then navigate to “Use Touch ID For: iPhone Unlock/Apple Pay/iTunes & App Store” and make sure all of these are set to off.
To disable Fingerprint Unlock on the Samsung Galaxy go to settings and then to lock screen and security. Go to fingerprints and change “Fingerprint Unlock” to off.
Your device should have an option to turn the fingerprint scanner off in the settings. If you are unsure how to turn off the fingerprint scanner, visit your cell phone provider for assistance. If your employees use cell phones for work, you should encourage them to disable the fingerprint scanner on their phone.
For more security updates, be sure to follow the Keystone Technologies blog. Save our blog to your bookmarks for industry news and updates.