Skip to main content
  1. Home
  2. Mobile
  3. News

Hacker replicate politician’s fingerprint to warn of biometric security dangers

By

iphone fingerprint unlocking texas 5s touchid
Image used with permission by copyright holder
Friendly hackers have already shown us just how vulnerable biometric security measures like fingerprint sensors are to manipulation. Now, another has found a way to copy people’s fingerprints, using nothing but close up photos of their hands.

At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, aka Starbug, demonstrated how he was able to replicate the fingerprint of German Defense Minister Ursula von der Leyen with nothing more than photos of her hands and a software called VeriFinger. He used several photos taken three meters away from where Von der Leyen was standing during a public press conference to recreate her fingerprint. The photos were taken from several different angles with a 200er-Objektiv lens on a standard camera.

Recommended Videos

He then ran the images through VeriFnger’s software to form Von der Leyen’s full fingerprint. Krissler says other image-processing software can also be used, and that a camera with a sharp lens may not be necessary, if your phone has a good enough camera. While the print may not be 100 percent accurate, Krissler claims that it can be used to fool Touch ID on any iPhone as well as other devices with fingerprint sensors.

Of course, to get to that point, the hacker had to go through a few more steps to actually make the fingerprint physical. First, he inverted the colors of the photographed print, making the ridges of the fingerprint white and the grooves black. Then, he printed the image in black ink on standard paper. The ink leaves behind just enough texture for Krissler to make a 3D fingerprint. Krissler’s last step involves coating the fingerprint with glue or plaster to create a perfect mold of the print. The final mold can then be used to unlock the person’s iPhone with Touch ID or any other biometric-secured device.

Although Krissler’s process may sound complicated and time-intensive, malicious hackers could potentially exploit high-profile targets with the technique. The hacker even suggested that politicians wear gloves in the future to protect their fingerprints. Meanwhile, the average iPhone user likely has nothing to fear when it comes to Touch ID’s security.

Editors' Recommendations

Topics
Malarie Gokey
Malarie Gokey
Former Digital Trends Contributor
As DT's Mobile Editor, Malarie runs the Mobile and Wearables sections, which cover smartphones, tablets, smartwatches, and…
You won’t believe how I improved my phone’s battery life
The back of the Samsung Galaxy S24 Ultra, resting against a post.

Galaxy S24 Ultra Andy Boxall / Digital Trends

Sorry for using that tired old clickbait headline, but in a roundabout way, it’s true. You genuinely won’t believe that I’m about to tell you something so headbangingly obvious about smartphone batteries.

Read more
Security experts just found two giant smartphone privacy issues
The Apple iPhone 15 Pro Max's camera module.

Apple iPhone 15 Pro Max Andy Boxall / Digital Trends

This has been quite a stunning week in regard to the privacy and security of smartphone users. Specifically, two investigations have revealed troubling privacy concerns around smartphone advertising and iOS' notification system.

Read more
Check your iPhone right now for an important security update
iOS 17 interactive widgets on an iPhone 15 Pro Max.

If you're someone who uses an iPhone, you'll want to pay attention to a new software update Apple just released today. Why? It adds an important new security feature to your iPhone.

The update in question is iOS 17.3, and the hallmark feature it adds is a new tool called "Stolen Device Protection." Announced in December, Stolen Device Protection makes it harder for thieves to access your iPhone if it's lost or stolen. As Apple describes it, "this new feature adds an additional layer of security in the unlikely case that someone has stolen your phone and also obtained your passcode."

Read more