home Software Applications Is the Biometric Storage Safe? Hackers succeeded in replicating a fingerprint

Is the Biometric Storage Safe? Hackers succeeded in replicating a fingerprint

Jan 10, 2015

This post is also available in: עברית (Hebrew)

Over the years, fingerprints have become one of the best decisive means of identification. Nevertheless, it would seem that technology has made a leap that overshadows this too bow.

As regularly updating passwords has become the norm, whether our account had been compromised, or whether we just forgot them, changing our fingerprints is a slightly trickier option. It turns out that even that, which was up till now, at least supposedly, the most effective security means, is no longer immune to hackers. Why? Because recently, a team of hackers succeeded in replicating a finger print. What’s more, you can do so too!

Is it all over for the biometric storage?

According to a report in geektime, Jan Kriesler, nicknamed ״Starbug״, a member of Europe’s largest hacker gang, CCC – Chaos Computer Club, had disclosed – during their recent convention at Hamburg – that they succeeded in reproducing a fingerprint. This fingerprint belongs to none other than Germany’s Defense Minister Ursula von der Leyen. This feet hardly involved any special or unconventional means. All it took were a few high definition footage of the minister’s hand at various angles. These pics were taken using a very ordinary standard smartphone. Then, apply a standard commercial fingerprint verification software such as VeriFinger, and presto, we have a match.

The footage, it is worth noting, were not taken in secret, but rather in public. While other would focus on the minister’s face, the footage taken by the hackers focused on her hands.

This was hardly the first time that CCC, this ambitious gang of hackers, has showcased a breakthrough in terms of circumventing a fingerprint-based security mechanism. Last September, CCC hackers publicized they succeed in breaking the Apple smartphones’ seemingly-secure identification mechanism. They bypassed the system by using a defragmented version of a fingerprint, after Apple had boasted the new feature was failsafe. Nevertheless, have no fear: this is much more complicated, and calls for a much higher degree of effort, thousands of dollars and dozens of working hours.

In case you just completed your EBay order for new gloves, have no fear. You must be a celebrity or at least possess some notoriety to constitute a viable target for anyone to even try and break in to your smartphone or computer. Moreover, even if someone were to successfully replicate you fingerprint, they would have to lay their hands on your very own smartphone in order to be able to make any use of it.

In case the idea of establishing a biometric storage for Israel’s entire population was something you were in favor of, perhaps these revelations would prove yet another barrier along the path towards it. After all, this seems a hub for identity theft. Nevertheless, theory is not the same as practice.