FB pixel

Researchers find smartphone fingerprint sensors potentially vulnerable to “MasterPrints”

| Chris Burt
Categories Access Control  |  Biometrics News  |  Fingerprint Recognition
 

Smartphone fingerprint sensors could be fooled up to 65 percent of the time by “MasterPrints” digitally composed from common fingerprint features, according to findings published Monday by researchers at New York University and Michigan State University.

In the report MasterPrint: Exploring the Vulnerability of Partial Fingerprint-based Authentication Systems, the researchers warn that partial fingerprint-based authentication systems are potentially vulnerable to compromise, particularly when multiple impressions of each finger are enrolled. Enrolling multiple impressions is often required by devices to ensure positive matching, the researchers say, and in some cases users enroll multiple fingers, further expanding the number of impressions a MasterPrint could potentially register a false match to.

The test results are based on computer simulations, and false positive authentications could be much less common in actual use conditions, but still sufficient to attract criminal attention.

“It’s almost certainly not as worrisome as presented, but it’s almost certainly pretty darn bad,” Andy Adler, a professor at Carleton University in Canada who studies biometric security told the New York Times. “If all I want to do is take your phone and use your Apple Pay to buy stuff, if I can get into 1 in 10 phones, that’s not bad odds.”

Study author Dr. Nasir Memon told the Times the results indicate that if someone could design a glove with a MasterPrint on each finger, that person could access 40 to 50 percent of iPhones before reaching the five-attempt limit and being asked for a numerical password. He also said he will continue to use his iPhone’s fingerprint sensor to unlock it.

Clarkson University professor and Center for Identification Technology Research director Stephanie Schuckers pointed out to the Times that there are differences in the software used by the researchers and smartphone vendors, and that anti-spoofing measures currently being studied could potentially defeat MasterPrints.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

AI fakery is turning fear into a voter suppression tool ahead of US elections

In the months leading up to the 2026 midterm elections which could see Democrats sweeping both the House and Senate,…

 

Alcatraz partners with gun violence group on school, workplace safety

Alcatraz has joined the Active Shooter Prevention Project (ASPP), a U.S.-based initiative that develops strategies to reduce risks in schools,…

 

V-Key gets PE firm backing to expand mobile digital identity security footprint

Singapore-headquartered digital identity and Mobile Application Protection and Security (MAPS) provider V-Key has a new majority investor, with Tower Capital…

 

IDfy secures $52M to pursue digital ID trust services ambitions

Digital ID verification firm IDfy has obtained funding of 476 crore Indian rupees, approximately US$52 million, to pursue its digital…

 

WSO2 to help MOSIP’s passwordless authentication platform eSignet Go Thunder

IIIT-Bangalore, home to India’s burgeoning digital public goods efforts, has formed a partnership through the MOSIP initiative it hosts with…

 

Entrust face biometrics show major gains in NIST FRTE

A face biometrics algorithm submitted by Entrust to the NIST Face Recognition Technology Evaluation (FRTE) 1:1 Verification has made significant…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events