Samsung Galaxy S6 biometric scanner fooled by printout of fingerprint

Samsung Galaxy S6

It is apparently quite easy to fool the fingerprint scanner on the Samsung Galaxy S6 and Huawei Honor 7. All you’d need is half an hour, a normal inkjet printer, AgIC paper and some special ink. What’s more, the Michigan State University researchers who published the aforementioned finding claim that thieves can lift the fingerprint of the owner of a stolen smartphone from the device itself!

There’s no fancy 3D printing involved here. The main process starts with three AgIC silver conductive ink cartridges as well as a regular black one being installed in a color injket printer. The Michigan State University team used the Brother MFC J5910DW model for their experiment. The next step is to scan the handset owner’s fingerprint at 300dpi or higher resolution.

The last task requires the scanned image to be reversed in the horizontal direction and then printed on the glossy side of an AgIC special paper. It is supposed to be a relatively simple method of hacking into a biometric authentication system with a spoofed fingerprint. The Honor 7’s sensor is a bit more difficult to fool as compared to that of the Galaxy S6, state researchers Kai Cao and Anil K Jain.

Repeated experiments with different users are said to have yielded the same results. Following the release of the iPhone 5S in 2013, Germany’s Chaos Computer Club tricked the scanner on the Apple device with a 2.5D fingerprint which was fabricated manually. The hack developed by the Michigan State University researchers is faster and easier to replicate, and therefore more unnerving.

Cao and Jain warn that not all smartphones are vulnerable to the trick. But it should serve as a warning to manufacturers who feel fingerprint scanning technology is impregnable and therefore a safe option for mobile payments or unlocking devices.

Via