AI Can Create Fake Fingerprint to Hack Smartphone Security

Fingerprint Sensor on Your Phone Is Not as Safe as You Think


thetechrix

In the modern era, technology has grown to a larger extent. Almost, all the mobiles come with fingerprint authentication which was thought to be more secure.

But, the researchers from New York University proved that fingerprints can be generated and phones, bio-metric devices that use partial fingerprints can be hacked through Deep Neural Networks.

Details on Attack using AI fingerprints on Smartphones:

The researchers of New York University found a technique to generate that can match multiple people. This is similar to using password trial and error technique on a login page of the website.

This technique is useful in exploiting the devices that match only a portion of fingerprints which is used in modern day mobile devices.

The machine used to generate fingerprints using artificial intelligence is able to match 77% of the time when compared with NIST data.

How the Technique is found:

First, the researchers have created an artificial network for this by collecting fingerprint data of around 6000 people. They have used the network and input fingerprint data in order to generate fake fingerprints to fool the electronic devices like mobiles that use partial fingerprint for authentication.

This technique of fooling the devices with the help of artificial intelligence generated fingerprints is called Deep MasterPrints.  

Concepts used to generate the technique:

The following concepts are used in generating this technique of fooling electronic devices like mobile devices that use partial fingerprints for authentication:


  • Artificial Intelligence
  • Data Mining
  • Generative Adversarial Neural Network


The result of the attack on the Society:

The Deep MasterPrints is found to defeat the 20% of the fingerprint readers company.

If the users use more than one finger for authentication, then the chance of success of the attack is high.

The users using mobile phones or biometric sensors that use partial fingerprint should rely on using the strong password instead of relying on fingerprints. It is the responsibility of the mobile phone manufacturing companies to generate the more complicated algorithm that can overcome this attack.

One solution to overcome this attack is restricting the number of tries for authentication and use of geographical location while authenticating the device.

Research Paper:


The researchers of the New York University also wrote a research paper which can be seen here.

Post a Comment

0 Comments