Many people assuming protecting their smartphone with a fingerprint is enough to keep their information safe. That may no longer be the case, as a team of researchers have come across a way to bypass this problem. In fact, they can generate fake digital fingerprints which are more than capable of unlocking smartphones. This is a very troubling development that poses a lot of privacy risks. Let’s take a look at what MasterPrints are exactly.
Fake Digital Fingerprints AKA MasterPrints
It is somewhat troubling to learn it is seemingly easy for researchers to create fake digital fingerprints. What is even more troubling is how these digital fingerprints can be used to unlock random smartphones. So far, this method has proven to be quite successful, which is rather disturbing. Although the accuracy rate hovers between 26% and 65%, this is still quite a significant breakthrough.
This puts the whole concept of fingerprint authentication on smartphones in a very different spotlight. Many people like this feature, as it seemingly provides additional security. Moreover, one needs to scan their finger about ten times to finally create a successful fingerprint authentication method. Then again, security is not always what it may appear to be, and fingerprint authentication is no different in this regard.
To be more specific, the fingerprint authentication systems found in most smartphones do not even store your full fingerprint. This sounds rather strange, considering the device asks you to provide a full fingerprint scan to ensure no one else can unlock the device. It turns out the snapshots taken of small areas of the fingerprint are used to provide this authentication method.
However, once a user presses the finger over the sensor, the visible area is compared to the snapshots stored by the device. Assuming the match is positive, the device will be unlocked. This allowed this team of researchers to create a database of real user fingerprints and then use an algorithm to create “MasterPrints”. As the name somewhat suggests, these MasterPrints can be used to unlock devices protected by fingerprint authentication.
Every MasterPrint is a digitally-created partial fingerprint with enough similarities to most common patterns found in the fingerprints of most people. So far, it seems there are more than enough similarities between user fingerprints to make MasterPrints a reliable source of unlocking devices. This could prove to be quite a powerful tool in the hands of law enforcement, as they are often hindered by fingerprint authentication when it comes to unlocking smartphones.
It is evident security researchers will need to come up with ways to further improve fingerprint authentication. Smartphone vendors, in particular, may want to start using full fingerprints and use more sensitive sensors at the same time. These devices are becoming smaller in size, which allows for improvements where the resolution of sensors is concerned. Compromising devices due to lackluster fingerprint security is not in anyone’s best interest right now.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.