Hackers use a photograph of a fingerprint to bypass phone security

GeekPwn 2019
(Image credit: GeekPwn)

It seems that using your fingerprints as a method of unlocking your phone might not be quite as secure as you first though. All it takes to trick a fingerprint reader is a photograph of a print, a special app, and some relatively cheap hardware.

Chinese hackers say they have devised a method for bypassing biometric security on smartphones in just 20 minutes. As Tom's Guide reports, using photographs of fingerprints left on glass, the X-Lab team from Tencent Security showed how it was possible to create cloned physical fingerprints that were sophisticated enough to fool fingerprint scanners.

The team gave a demonstration at the GeekPwn 2019 hacking conference in Shanghai. During it, team leader Chen Yu invited an audience member to touch a glass, and the resulting fingerprints were then photographed.

Using a specially developed app, the photograph was processed and a physical model created using hardware that was not publicly revealed. The exact method used has not been explained, but it is assumed that some sort of advanced 3D printer was used. The technique was used to successfully trick three smartphones and two other machines with fingerprint readers.

Time to wear gloves

As if the ability to bypass the biometric security was not worrying enough, it gets worse. The security breach can be executed in a mere 20 minutes, and it is far from expensive. Speaking to Chinese media, Yu revealed that hardware costing just $140 (about £110, AU$200) was needed, meaning that it's something that's hardly limited to being used by large organisation or rich individuals.

Time to remember to wipe away any evidence you might leave behind after yourself, perhaps... or just take to wearing gloves all of the time! You might also want to consider switching to a different security mechanism on your phone, such as facial recognition, or just a really lengthy PIN.

Sofia Elizabella Wyciślik-Wilson
Freelance writer

Sofia is a tech journalist who's been writing about software, hardware and the web for nearly 25 years – but still looks as youthful as ever! After years writing for magazines, her life moved online and remains fueled by technology, music and nature.

Having written for websites and magazines since 2000, producing a wide range of reviews, guides, tutorials, brochures, newsletters and more, she continues to write for diverse audiences, from computing newbies to advanced users and business clients. Always willing to try something new, she loves sharing new discoveries with others.

Sofia lives and breathes Windows, Android, iOS, macOS and just about anything with a power button, but her particular areas of interest include security, tweaking and privacy. Her other loves include walking, music, her two Malamutes and, of course, her wife and daughter.

You can find her on Twitter and Mastodon.