Don’t Wave: Hacker Uses Online Photos to Replicate Fingerprints, Bypass Biometric Security

by Mac Slavo | Dec 30, 2014 | Headline News

Do you LOVE America?

    Share

    Facebook
    X/Twitter
    LinkedIn
    Email
    Copy URL

    fingerprint-photo

    If you think the biometric security on your phone or front door are enough to keep your personal information or belongings safe, think again.

    German hacker Jan Krissler, who operates under the handle Starbug, has demonstrated that a simple photograph posted online can be used to recreate your fingerprint using commonly available imaging software.

    One expert has recreated the fingerprints of Germany’s Minister of Defence, Ursula von der Leyen, using just a photo of her.

    The security researcher known as Starbug, used publicly available software called VeriFinger with photos of the finger taken from different angles.

    Starbug, whose real name is Jan Krissler, told attendees of the Chaos Computer Club’s (CCC) 31st annual congress in Hamburg, Germany, how he achieved the hack.

    Mr Krissler obtained a high-resolution photograph of the politician’s thumb using a ‘standard photo camera’ during a press conference.

    He also used other ‘good quality’ photos of the politician, taken from a variety of angles.

    From these images, he reconstructed an accurate thumbprint using the VeriFinger software.

    This software is good enough, according to CCC, to fool fingerprint security systems.

    ‘These fingerprints could be used for biometric authentication,’ it wrote in a blog post.

    Source: The Daily Mail

    In this particular demonstration Krissler used several photos and ran them through a software application called Verifinger to recreate the minister’s fingerprint.

    In the future, as biometric fingerprint technologies become more prevalent, such a hack could be even easier than stealing someone’s wallet. A simple wave of your hand to someone taking a picture and then posting it online could now become a major security threat and could be a boon to identity thieves. All that an unscrupulous individual would need is a picture of your fingerprint. With high resolution cameras now embedded on most smart phone devices photographs of a particular target could be downloaded directly from a social media page or an image sharing web site. Or, someone can simply snap a photo of your hand from a few feet away as you pass them on the street.

    In a recent blog post, Starbug says that once replicated the copycat print can easily defeat biometric authentication:

    The questionable validity of security claims by the vendors of fingerprint systems will be even more disputed after this presentation.

    But how can you defeat such a simple method for stealing your identity?

    Starbug provides a tried and true solution. “After this talk, politicians will presumably wear gloves when talking in public.”

    Jump to comments

    URGENT ON GOLD… as in URGENT

    It Took 22 Years to Get to This Point

    Gold has been the right asset with which to save your funds in this millennium that began 23 years ago.

    Free Exclusive Report

    The inevitable Breakout – The two w’s

      Related Articles

      Comments

      Join the conversation!

      It’s 100% free and your personal information will never be sold or shared online.

      Register here

      0 Comments

      Commenting Policy:

      Some comments on this web site are automatically moderated through our Spam protection systems. Please be patient if your comment isn’t immediately available. We’re not trying to censor you, the system just wants to make sure you’re not a robot posting random spam.

      This website thrives because of its community. While we support lively debates and understand that people get excited, frustrated or angry at times, we ask that the conversation remain civil. Racism, to include any religious affiliation, will not be tolerated on this site, including the disparagement of people in the comments section.

        The content on this site is provided as general information only. The ideas expressed on this site are solely the opinions of the author(s) and do not necessarily represent the opinions of sponsors or firms affiliated with the author(s). The author may or may not have a financial interest in any company or advertiser referenced. Any action taken as a result of information, analysis, or advertisement on this site is ultimately the responsibility of the reader.

        SHTFplan is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.