Security in Devices and Network: Fingerprint Lock Vulnerability

Verified

Added on 2022/09/01

AI Summary

This report delves into the security vulnerabilities of fingerprint locks on smartphones, highlighting how easily they can be compromised. The report references a Forbes article from November 2019, which details how Chinese hackers claim to break fingerprint locks in as little as 20 minutes using readily available and inexpensive equipment. The core issue lies in the authentication process, where fingerprint scanners, despite their unique patterns, are susceptible to exploitation. The biometric data used in fingerprint scanners, being permanently linked to the user, presents a significant privacy and security risk. The report mentions the X-Lab security team's demonstration of a hacking process involving creating a fingerprint clone using a 3D printer. It also addresses the inherent vulnerabilities in the authentication process of smartphones, where false matches can lead to unauthorized access. The report concludes by emphasizing the ongoing threat posed by hackers capturing fingerprint images to gain access to smartphones.

Running head: SECURITY IN DEVICES AND NETWORK
Security in devices and network
Name of Student-
Name of University-
Author’s Note-

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1SECURITY IN DEVICES AND NETWORK
Fingerprint lock of smartphone can be broken easily
Almost all individuals uses smart phones, either android or iPhones in their daily lives
and they might face a security problem with the fingerprint lock of their smartphones. As per the
news article on 2nd Nov 2019 by Forbes, the hackers in China claims to break the fingerprint lock
or any fingerprint scanner in just 20 minutes (Winder, 2020). As per the article, the Chinese
hackers have stated that they can unlock any fingerprint scanner by using equipment which costs
only $140 along with an application that can analyze the photograph of the fingerprint.
The process of authentication helps to determine if someone or something declares to be
itself. Technology of authentication provides control access for the systems to check if the
credentials of the user matches the data in database of the authorized user (Nair, Helberg, and
Van der Merwe 2016). Authentication is important in organization and in personal life to keep
security on the data and to see that only authenticated users can access the data. The fingerprint
scanners used in many devices includes unique patterns that helps to distinguish one scanner to
another. The pattern of fingerprint scanner is unique and includes intrinsic characteristics of
fingerprint scanner (Zhu et al. 2018). With all these features of fingerprint scanner to secure the
devices, the fingerprint scanner is not really that secures as it is made out to be. The biometric
data that is used in fingerprint scanner are unique and are permanently linked to you (Jo et al.
2016). So, exposure of that personal data to the hackers can compromise the privacy of the user
and also the security of the biometric system.
As per Forbes, the hackers in China who have challenged to crack the fingerprint code in
just 20 minutes works as a part of X-Lab security team in a company called Tencent in China.
The team leader of X-Lab demonstrated the hacking process in a conference in Shanghai in

2SECURITY IN DEVICES AND NETWORK
2019. The hackers used an application that was developed by them and the application can
extract a clone of the fingerprint that is scanner and can print it using 3D printer.
User authentication mainly occurs in human to computer interactions and personal as
well as corporate data are becoming concerned with privacy of the digital services that are used
in daily lives (Sammoura and Robbins 2018). Despite of using security and authentication
processes in the devices, there remains a security issue with the fingerprints that are used in
android phones are iPhones (Jin et al. 2016). Setting up fingerprint security on smartphones
includes phones to record some images on finger for making the match easily. This single swipe
of finger has to be matched with the database pictures that are stored in the phone’s database and
thus the smartphone are vulnerable to false matching of the fingerprints leading to false
authentication of the user (Shreyas et al. 2017). Problem with fingerprint scanner was always
there and most the hackers tends to capture the image of the fingerprints of the users to get
access to the smart phones.

3SECURITY IN DEVICES AND NETWORK
References
Jin, Z., Lim, M.H., Teoh, A.B.J., Goi, B.M. and Tay, Y.H., 2016. Generating fixed-length
representation from minutiae using kernel methods for fingerprint authentication. IEEE
Transactions on Systems, Man, and Cybernetics: Systems, 46(10), pp.1415-1428.
Jo, Y.H., Jeon, S.Y., Im, J.H. and Lee, M.K., 2016. Security analysis and improvement of
fingerprint authentication for smartphones. Mobile Information Systems, 2016.
Nair, K.K., Helberg, A. and Van der Merwe, J., 2016, July. An approach to improve the match-
on-card fingerprint authentication system security. In 2016 Sixth International Conference on
Digital Information and Communication Technology and its Applications (DICTAP) (pp. 119-
125). IEEE.
Sammoura, F. and Robbins, M., 2018. Authentication Using Sparse Modeling of Fingerprint
Images.
Shreyas, K.K., Rajeev, S., Panetta, K. and Agaian, S.S., 2017, April. Fingerprint authentication
using geometric features. In 2017 IEEE International Symposium on Technologies for Homeland
Security (HST) (pp. 1-7). IEEE.
Winder, D., 2020. Hackers Claim ‘Any’ Smartphone Fingerprint Lock Can Be Broken In 20
Minutes. [online] Forbes. Available at:
<https://www.forbes.com/sites/daveywinder/2019/11/02/smartphone-security-alert-as-hackers-
claim-any-fingerprint-lock-broken-in-20-minutes/#2fb7b6ef6853> [Accessed 2 April 2020].

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4SECURITY IN DEVICES AND NETWORK
Zhu, H., Wei, Q., Yang, X., Lu, R. and Li, H., 2018. Efficient and privacy-preserving online
fingerprint authentication scheme over outsourced data. IEEE Transactions on Cloud
Computing.