Fingerprint Scanner  - Fingerprint Scanner - Samsung’s Galaxy S10’s Fingerprint Scanner Hacked

A flaw in Samsung’s Galaxy S10 ultrasonic biometric fingerprint scanner can be bypassed by just having the duped 3D Printed Fingerprint of the mobile owner.

The ultrasonic fingerprint scanner comes with S10 and S10+ models, it offers additional security and it captures a 3D image when the traditional security scanners capture only a 2D one.

Samsung claims this won’t let anyone compromise that smartphone ever they have a 3D map of your fingerprint. But now the researcher’s proven that fingerprint scanner can be fooled by using a 3D-printed fingerprint.

How Fingerprint Scanner Hacked

An Imgur user, go by name darkshark published a video explaining how he fooled he the Fingerprint Scanner to gain access to the phone.

He took a photograph of his fingerprint from the side of a wine glass with his smartphone. He then uses Photoshop to remove the areas and leave only the Fingerprint.

Then to create a 3D of the fingerprint, he imported the image to 3DS Max to create a 3D model and printed it on a piece of resin with the AnyCubic Photon LCD printer.

This resulted in a square piece of resin containing a 3D model of the fingerprint that successfully opened the Samsung’s Galaxy S10.

In order to execute the all you need is to have the physical access to phone and the fingerprint of the owner. The scenario poses a lot of security concerns, if someone steals the phone then they can unlock the device as the Fingerprints are already present.

“As most of the banking only require fingerprint authentication, all the information can be stolen and the money can be spent in less than 15 minutes if the phone is secured by fingerprint alone.” says darkshark.

Threat to viability of Samsung’s
Fingerprint:

In a post about the Scanner, Samsung says
that “With the new ultrasonic fingerprint ID , there are no
tradeoffs!  but it also mentions that you
don’t have to sacrifice user experience for security”.

To contrast, Samsung also claims in the same post that it uses “a machine learning algorithm to help detect the differences between real fingerprints and forged 3D replicas.”

But the method described by darkshark casts
doubts on the viability of Samsung’s ultrasonic fingerprint scanner as a method
of protecting the data.

Hopefully this will be addressed in future versions of these scanners or through software updates; for now, if your phone contains sensitive data, you should probably use a password instead.

You can follow us on LinkedinTwitterFacebook for daily updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Related Read

Android Security Update – Code Execution Flaw Let Hackers Control Your Android Device Remotely – Update Now

New Android Malware “BasBanke” Steal Financial Data Such as Credentials & Credit/Debit Card Numbers





Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here