Study finds fingerprints can be copied by the sound of a finger moving on a scanner
02.03.24
A research team from the US and China has identified a fingerprint authentication vulnerability. It is based on the sound of finger friction, the devices can record sound waves and even minor changes in the surface of the finger as it moves over the fingerprint sensor.
Attackers can use the detected audio characteristics to recover fingerprints and create fake fingerprints that can be used to bypass the authentication system.
The attack process could be as follows:
- Data Collection: Attackers can use microphone-enabled chat programs, such as Telegram, Skype, or Discord, to record sounds made by rubbing their fingers against the fingerprint sensor.
- Sound Analysis: The resulting audio recordings are then analyzed to identify characteristic sounds associated with finger movements on the sensor.
- Fingerprint Recovery: Based on audio data, attackers can attempt to recover partial or full fingerprints, which can be used to spoof or bypass authentication systems.
To protect against such attacks, device manufacturers can use various methods, such as improving protection against acoustic eavesdropping and analyzing fingerprint data. It is also recommended to implement biometric authentication methods that are not susceptible to such attacks, for example, facial scanning or iris scanners. It is also important to ensure that biometric data is stored and securely transmitted to prevent leakage and misuse.
The PrintListener attack seems difficult to implement, but scientists managed to overcome a number of problems that prevented them from obtaining the result:
- Weak sounds of finger friction – an algorithm has been developed for localizing the sound of friction based on spectral analysis;
- The dependence of the ability to separate finger patterns from the physiological and behavioral characteristics of the user has been largely overcome thanks to the techniques of minimum redundancy, maximum relevance (mRMR) and adaptive weighting strategy;
- The transition from determining the primary characteristics of fingerprints to the secondary ones is carried out using statistical analysis of the relationships between these characteristics and a heuristic search algorithm.
Don't miss interesting news
Subscribe to our channels and read announcements of high-tech news, tes
Oppo A6 Pro smartphone review: ambitious
0 
Creating new mid-range smartphones is no easy task. Manufacturers have to balance performance, camera capabilities, displays, and the overall cost impact of each component. How the new Oppo A6 Pro balances these factors is discussed in our review.
Logitech G G325 headphones review: reliable and long-lasting
0 
Logitech G has released a new gaming headset that offers good ergonomics, stable connectivity, and high battery life at a very affordable price. Let’s talk about the Logitech G G325 in more detail
Norwegian electronics store will give GTA 6 to those who give birth on the day the game is released games GTA
Norwegian electronics retailer Komplett has announced an unusual promotion dedicated to the release of Grand Theft Auto VI. The company has promised to give a free copy of the game to all families whose children are born on the official release date – November 19, 2026.
The most affordable lifecell tariff can be transferred from other operators for free events in Ukraine lifecell rates
Ukrainian mobile operator lifecell has extended the “Care” tariff to subscribers who have used the number portability (MNP) service from other networks