Explore

Hacking the Biometric Fingerprint Scanner

In our society, it has become increasingly more necessary to prove your identity. As people travel more and more, with population greatly expanding, there is no longer a personal feeling where everyone in a city knows everyone else. Instead, we must find ways of proving we are who we say we are.

There are three basic types of identity, specifically biometric identity, attributed identity, and biographical identity.

A Brief Introduction to Biometric Identity

Biometric identity is used to refer to items that are unique about an individual. For instance, a persons fingerprint, DNA, retina pattern, and facial structure are all examples of a biometric identity. To break it down even further, each of those examples, is an identifier, which can be used to validate someones identity.

Biometric identifiers have become increasingly popular, as they are somewhat unique among people and usually much harder to forge than other identifiers. Biometric identifiers are not exactly new however, as in ancient times when your banker knew you by site, this was an example of a biometric identifier. Of course, today's biometric identifiers are technology based, with devices like fingerprint readers and iris scanners becoming much more common place.

While the physical data that makes up a biometric identifier is actually fairly secure, the technology behind it is not so bulletproof. For example, in a recent episode of Mythbusters, Jamie and Adam showed that they could fool a biometric fingerprint lock billed as “un-hackable” using only a simple piece of scotch tape. However, not all fingerprint scanners are so easily fooled, but it is important to realize that they are by no means foolproof.

There are two types of fingerprint scanners, referred to as optical scanners and capacitive scanners. , both of which exhibit certain flaws.

Hacking Capacitive Fingerprint Scanners

Capacitive scanners work by analyzing a fingerprint and comparing differences in the peak and troughs found on the finger. In Germany, scientists discovered three ways that Capacitive Fingerprint Scanners could be fooled, which all rely upon the fact that whenever you use a fingerprint scanner, a small amount of grease is left behind.

These scientists found that by breathing on the Capacitive Fingerprint Scanner, some scanners will be fooled into reading the imprint of grease that was left behind. In a similar fashion, the researchers found that a small thin bag of water placed over the scanner could receive similar results.

However, the most effective means of fooling a fingerprint scanner proved to be blowing graphite across the scanner and then covering it with a piece of clear tape. When pressure was applied, it read the graphite impression as the actual fingerprint.

Hacking Optical Fingerprint Scanners

Optical Fingerprint Scanners work by taking a picture of the fingerprint and comparing the image to one on file. A Japanese mathematician named Tsutomu Matsumoto is responsible for some of the first research into how to hack optical fingerprint scanners. He was able to successfully create fake fingers, which could be used on the scanner.

To begin with, a copy of the fingerprint must be obtained on a piece of glass or similar type of material. Graphite can be used to enhance the fingerprint if it is of poor quality, with the chemical in superglue, cyanoacrylate adhesive, also offering similar results. The latter method involving super glue is a popular technique used by forensic scientists to enhance fingerprints at crime scenes.

Once a decent copy of the fingerprint is obtained, it can be copied and scanned onto a computer. The image is inverted and sharpened using a program like PhotoShop or the Gimp. Then, a mold of the finger is made using a photosensitive copper board, readily available at most hobby shops.

Once the fingerprint has been etched onto the copper board, it is simply necessary to make a fake finger, using some sort of gelatin like material. The gelatin material, which is recommended to be a mix of one-to-one water/gelatin, must be free of bubbles and is spread onto the copper board.

Once it has dried, a copy of the fingerprint is made, which can fool optical fingerprint scanners 80% of the time. Matsumoto reported that it cost him about $10 to fool the fingerprint scanner.

Other Biometric Identifiers

Fingerprint scanners are not the only type of biometric scanner that can be hacked. Research has shown that iris scanners, which compare an individuals retina, and facial recognition software can also be hacked.

No Comments Yet

Add Comment


Name:     
E-mail:    
Website: