Hackers can steal your fingerprint from a PHOTO: Copycat print could be used by criminals to fool security systems
 |
| Hackers have used photos to recreate the fingerprint (stock image) of a German politician |
Hackers have already proved they can bypass Apple's fingerprint scanner using a collection of household items to make a latex replica print.
And now, one expert has recreated the fingerprints of Germany’s Minister of Defence, Ursula von der Leyen, using just a photo of her.
The security researcher known as Starbug, used publicly available software called VeriFinger with photos of the finger taken from different angles.
Starbug, whose real name is Jan Krissler, told attendees of the Chaos Computer Club’s (CCC) 31st annual congress in Hamburg, Germany, how he achieved the hack.
Mr Krissler obtained a high-resolution photograph of the politician’s thumb using a ‘standard photo camera’ during a press conference.
He also used other 'good quality' photos of the politician, taken from a variety of angles.
From these images, he reconstructed an accurate thumbprint using the VeriFinger software.
This software is good enough, according to CCC, to fool fingerprint security systems.
‘These fingerprints could be used for biometric authentication,’ it wrote in a blog post.
Hackers have previously demonstrated how easily fingerprints can be stolen from an individual who has touched a shiny surface, such as a smartphone screen,
But CCC said that with ‘this knowledge there will be no need to steal objects carrying the fingerprints anymore,’ meaning that people could potential steal someone's fingerprint identity from photos posed on social networks, for example.
Starbug said: ‘After this talk, politicians will presumably wear gloves when talking in public.’
 |
| One expert has recreated the fingerprints of Germany’s Minister of Defence, Ursula von der Leyen (stock image), using photos taken at a press conference. From these images, he reconstructed an accurate thumbprint using the VeriFinger software.This software is good enough to fool fingerprint security systems |
 |
A security researcher known as Starbug, used the publicly available software, plus a variety of photos of a finger taken from different angles to replicate the fingerprint. Starbug previously hacked Apple's iPhone 5S fingerprint sensor (pictured) just two days after the phone launched in 2013
|
In September 2013, hackers from CCC used a photograph of a fingerprint on a glass surface, scanned it and then used a laser printer to print it onto a transparent sheet.
They then poured latex milk or white wood glue into the print pattern created by the toner onto a transparent sheet.
Once the glue had dried, they peeled off the thin latex sheet and pressed it on the scanner of the iPhone to unlock the handset, which launches two days earlier.
During the launch, Apple claimed the new iPhone with a fingerprint sensor was 'much more secure than previous fingerprint technology.'
At the time, Starbug said: 'As we have said now for more than years, fingerprints should not be used to secure anything.
'You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.'
CCC first published the steps taken to bypass fingerprint scanners in 2004 and they claim that it uses everyday household items - meaning anyone can do it.
In September 2013, hackers from CCC used a photograph of a fingerprint on a glass surface, scanned it and then used a laser printer to print it onto a transparent sheet to make a new print using wood glue. This technique relied on a print obtained from a glass surface (pictured) whereas the new one only needs photos
Security expert Graham Cluely said: 'It’s worth remembering that fingerprints are not secrets.
'You literally leave them lying around everywhere you go, and they could be picked up by others.
Relying on your fingerprints to secure a device may be okay for casual security – but you shouldn’t depend upon it if you have sensitive data you wish to protect.'
Read more:
