These days most people are smart enough to have their smartphones locked with some sort of security measure, and lot of people rely on the phone’s fingerprint-based authentication system to keep everything in their phone safe. Well, it turns out, if you use your fingerprint to get into your phone, it may not be as safe as you think.
Researchers out of New York University and Michigan State University believe that fingerprints can be faked thereby making your devices less secure. Using computer simulations, the researchers digitally composed artificial “MasterPrints,” which they say were able to match real prints used by phones 65% of the time.
The good news is that none of this testing was done on real phones, so it’s believed that real-life tests would produce less success, but it may still make folks think twice about how secure their devices really are. It’s true that actual fingerprints aren’t easy to duplicate but it turns out scanners on phones don’t need a complete fingerprint since the phone stores eight to ten images of a print, that could make it easier to match, since the system may be vulnerable to false matches.
“It’s as if you have 30 passwords and the attacker only has to match one,” study author Nasir Memon, a professor of computer science and engineering at N.Y.U.’s Tandon School of Engineering, says. He concludes that if someone could make a glove with a MasterPrint on each finger, they could break into 40 to 50% of iPhones, while Apple insists there’s really only a one in 50,000 chance of a false match.
Source: New York Times