After installing Touch ID on iPhone 5s released in 2013, fingerprints have become a popular biometrics means. There are cases of breaking through fingerprints with woodworking bonds, but the technology continues to develop and it is becoming more difficult to break through authentication than at the time. However, if it is still a fake fingerprint made with high precision, it is said that it is possible to break through the average success rate of 80%.
The Cisco Talos Intelligence Group is releasing a video showing what fingerprints are and how to break them. There are several ways to do this. The capacitive type recognizes the perspective of fingerprint irregularities by reading the difference in the amount of charge caused by fingerprint irregularities from the sensor. The optical type irradiates light onto the fingerprint to reflect the prism, and the image sensor reads it to detect the fingerprint. In the ultrasonic type, ultrasonic waves are applied to the fingerprint and the fingerprint is searched through the intensity and direction of the returned wave.
If a fingerprint is somehow obtained, it is made into an optimized form through image processing. If you try to authenticate your smartphone fingerprint with the fake fingerprint created in this way, you can break through it on iPhone, iPad, and Mac. In addition, the fingerprint authentication method lock can also be released.
Cisco explained that the experiment was conducted on a number of terminals such as the 5th generation iPad, iPhone 8, and Samsung Electronics’ Galaxy S10, and as a result, the breakthrough success rate reached an average of 80%. However, it is said that it was difficult to break through fingerprints on Windows.
The success rate was as high as 80% on average, but this is when fake fingerprints were made with high precision. To achieve this success rate, you have to go through a difficult and tedious task. Cisco explained that if the general public uses it to protect personal information, fingerprints are at a sufficient level. However, if the attacker has sufficient motivation to target the person’s fingerprint, such as dealing with important information, and there is a possibility of investing funds, strong encryption two-factor authentication is recommended rather than fingerprint. Related information can be found here .