Hackers want your photos for your fingerprints, not just your smile
Security and privacy have always been hot topics on social media, with much discussion taking place over issues such as image ownership, privacy settings, and how to not invite 1.2 million partygoers to your 15-year-old daughter’s birthday party.
As a result of this ongoing discussion in the news, most of us know better than to post confidential or sensitive material on social media. For example, you wouldn’t post a photo of your passport, a plane ticket, or your driving licence, and you wouldn’t share your full address or your bank account details.
Until now though, everyone has been happy with sharing selfies and photographs of themselves – after all, how could they be used against you by hackers? Well, if you pose with your hand in the air doing a peace sign, you could be at risk, new research has shown.
Researchers at Japan’s National Institute of Informatics (NII) have discovered that fingerprints on show in a photograph taken from just three metres away can be easily recreated without the need for advanced technology, as long as the image is well-lit and in focus. A peace sign pose would be perfect for this type of fingerprint theft.
Professor Isao Echizen, a security and digital media researcher at the NII, told Sankei Shimbun:
Just by casually making a peace sign in front of a camera, fingerprints can become widely available
Social media and peace signs aren’t really the issue here, though. Back in 2014, German hacking group, Chaos Computer Club, claimed to have reproduced German Defense Minister Ursula von der Leyen’s fingerprint from a series of photographs shared in the media. This included a press conference photo. The reproduction was able to fool fingerprint-based security systems.
In a similar vein, regarding public photographs, biometrics and the issue of security, hacker Jan “Starbug” Krissler recreated Angela Merkel’s iris from a photo in 2015, and then went on to successfully unlock a test with the reproduction.
Of course, while the Japanese researchers claim this type of fingerprint ‘cloning’ is easy, it isn’t accessible to most, and other experts have claimed it is a complicated process. Nevertheless, it could be a future concern for services such as Apple Pay, which has recently been praised for its fingerprint authentication security system. In fact, it has been reported that the UK’s Halifax Bank is now looking into replacing iris scans and fingerprint recognition security checks with human heartbeat technology, to guarantee secure online banking for the future.