Posted on January 2, 2019 at 1:37 PM
According to recent reports, researchers at Michigan State University and New York University created a new technology which is now a threat to the security of most electronic devices. Things such as smartphones cannot be protected by biometric technology anymore, as such devices can be cracked easily with the new tech.
The technology has been in development for a while, and it was said to be completed in early 2018. It was part of a project called “DeepMasterPrints,” and it focused on developing machine learning in a way which will allow it to unlock devices protected by biometric tech, including fingerprint scanners. In a way, machine learning will make this tech a type of electronic skeleton key.
How safe is it to use biometric protection?
Back when the project was completed, researchers stated that around one-third of biometrically secured smartphones could be unlocked with DeepMasterPrints. As any lock can be picked, biometric scanners can be tricked as well, and the project is apparently becoming more and more successful at doing it.
Tricking these scanners is nothing new, as researchers managed to do it multiple times in the past by using lifted prints or a digitized fingerprint data. However, through DeepMasterPrints, the stakes will go up significantly.
Apart from endangering smartphones, which are pretty much centers of information for most individuals who use them, and a real goldmine of personal data, similar methods can be used against airlines and car rental firms. Biometric technology was deemed secure enough that installing has more advantages than flaws, which is why even some padlocks and safes have employed it.
Researchers appear to be aware of this, as they themselves stated that many such devices do not capture the whole fingerprint. Since scanners are relatively small, there is no place for an entire fingerprint to be scanned. Because of this, most devices only record one part, which is not nearly as secure as capturing the full fingerprint.
Since the fingerprint is only partially recorded, it is easier for machine learning to masquerade as the real print, and it can change to pose as different people. The technology was developed with the idea of a master print, and it revolved around studying various prints, as well as methods of replicating them.
Many have found this development concerning, as the only real flaw of the project is that it requires physical access to devices it is trying to crack. Still, researchers believe that, while the very existence of this technology is troubling, it is not something that most people should worry about. They argue that if a hacker in possession of this technology manages to get to users’ phones, the phones are likely already compromised, with or without DeepMasterPrints.
Many have taken this as proof that biometrics are still not as safe as traditional passwords. In the meanwhile, those who depend on biometrics are advised not to lose physical control of the device, and to never plug them into computers or chargers of unknown origin.