The silent threat: how finger sound could compromise fingerprint security

Researchers have revealed a technique capable of violating biometric security through fingerprint recognition, opening new reflections on the protection of personal data

In the age of digital fortification, fingerprint security stands as a pillar of defense for our devices. But is it as impregnable as we believe? A recent study conducted by Chinese and American researchers unveils a startling vulnerability: the mere sound of a finger gliding across a screen could potentially bypass this safeguard. This groundbreaking method enables the digital replication of fingerprints through the vibrations generated by the movement of a finger on a smartphone screen.

The Crux of the Method

The essence of this novel approach lies in the capability to convert these vibrations, caused by the contact of fingers with the display, into a digital map of the fingerprint. Building upon previous studies in artificial intelligence, this research introduces the concept of “MasterPrint” or “DeepMasterPrint.” These terms refer to a universal fingerprint that mimics the common features of multiple fingerprints, theoretically increasing the chances of unlocking a protected device. Initial results, however, were not particularly promising, leading researchers to explore new avenues for refining MasterPrint attack techniques without the need for a physical image of the fingerprint.

A Breakthrough with PrintListener

The quest for a more detailed recovery of fingerprint data led to an intriguing discovery: the unique vibrations produced by finger movements are easily recordable through a smartphone’s microphone. Given the frequency of user interaction with mobile devices, this process is notably accessible. By employing specific algorithms, these sounds can be analyzed to deduce the structure of the fingerprint.

Named PrintListener, this experimental approach achieved a success rate of up to 27.9% for partial prints and 9.3% for complete prints within five attempts, all the while maintaining a false acceptance rate (FAR) of 0.01%. Although these figures mark a significant improvement over previous MasterPrint attacks, the success rate is still relatively modest.

Implications and the Path Forward

However, the significance of this research should not be underestimated. As reliance on biometric security systems in various electronic devices grows, so does the risk of fingerprint theft. Awareness among users and organizations is heightening, prompting them to more diligently protect the details of their hands in photos and videos. The potential evolution of techniques like PrintListener raises questions about the need to reevaluate biometric security approaches to mitigate emerging risks.

Source: Institute of electrical and electronics engineer

Condividi su Whatsapp Condividi su Linkedin