Results 1 to 8 of 8

Thread: Mission: Impossible - Fooling fingerprint readers

  1. #1
    Senior Member
    Join Date
    Jul 2002

    Mission: Impossible - Fooling fingerprint readers

    I recently read this article and wanted to share it with you. Things we expect we'd only see on movies do happen in reality!

    Matsumoto, a Japanese cryptographer, has successfully done some experiments against eleven commercially available fingerprint biometric systems, and was able to reliably fool all of them. The results are enough to scrap the systems completely, and to send the various fingerprint biometric companies packing.
    There's both a specific and a general moral to take away from this result. Matsumoto is not a professional fake-finger scientist; he's a mathematician. He didn't use expensive equipment or a specialized laboratory. He used $10 of ingredients you could buy, and whipped up his gummy fingers in the equivalent of a home kitchen. And he defeated eleven different commercial fingerprint readers, with both optical and capacitive sensors, and some with "live finger detection" features. (Moistening the gummy finger helps defeat sensors that measure moisture or electrical resistance; it takes some practice to get it right.) If he could do this, then any semi-professional can almost certainly do much much more.
    The complete text can be read here, and a presentation on how precisely he did it can be downloaded here.

    Damn, what next? Fooling retina scan with a crystal ball? I think no biometric system is foolproof...

    Peace always,
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Kinda reminds me of the film Gattica, where the dude takes a whole new identity - 'borrowed ladder', they called it in the movie - using another persons identity and passing it as your own.

    Nothing can be 100% fullproof can it? Didn't they recently test the face recognition system at some airport and it failed miserably? I just hope with all these people finding ways around fingerprinting/face recognition systems, that the government won't try and push for ID chips being implemented in all of us - that would not be a future I would like to see.

    So I guess it's an open market really. If you can think of a sure way of identifying people, without inserting chips into everyone, you'll be a pretty rich guy/girl - start the ideas rolling I say.

    \"Do you know what people are most afraid of?
    What they don\'t understand.
    When we don\'t understand, we turn to our assumptions.\"
    -- William Forrester

  3. #3
    Senior Member
    Join Date
    Aug 2002
    I don't think there's ever going to be a full proof security system.If there's people smart enough to make them,there's people smart enough to break them.I'd be willing to bet that even implanting ID chips wouldn't work for long.After a couple months you'd get some guy that sees a few million dollars coming his way if he can deactivate the chips and he'd find a way.(Hell I'd pay $20 to have my ID chip deactivated)If retinal scans become a common place thing,then you'll have some people fooling the scanner with somewhat lagit means and other people ripping out one anothers eyeballs.I say stick to the good old fashioned passwords encryption and burgler alarms.
    [shadow]I don\'t believe in anarchy.If you\'re not smart enough to beat the system it\'s your problem. [/shadow]

  4. #4
    Senior Member Info_Au's Avatar
    Join Date
    Jul 2001
    then you'll have some people fooling the scanner with somewhat lagit means and other people ripping out one anothers eyeballs.
    The question then would be....How long can you keep a Finger fresh or an Eye open?
    Can only complete the crime once too.

  5. #5
    Join Date
    Aug 2002
    finger prints have not been fool proof for a long time. I do not know of any crimes where peeps have been able to pull it off. It is much better then your sig.
    Ill THink of one when i get time.

  6. #6
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Going around gouging out peoples eye balls with a rusty spoon would be a little extreme. Why not just use some fancy contact lenses or something.
    Its not software piracy. Iím just making multiple off site backups.

  7. #7
    Senior Member
    Join Date
    Nov 2001
    I don't think there will ever be anything more secure than a well chosen password.

    Biometrics really aren't the best of solutions, from articles such as this and others that I have read almost every biometric security device has been fooled. Fingerprint scans have been fooled by methods such as these, face scans follied with mere still pictures and video loops on a laptop display, and I remeber mention of a way eye (retina) scans have been fooled (I'll try searching for the article).

    Anyway, my point is- you only have one face, one set of fingerprints, ect. - Once those are comprimised you can't go changing them.

    Biometrics can also arise privacy concerns, do I really want my face and fingerprints stored on file?

  8. #8
    Senior Member
    Join Date
    Sep 2001
    individual biometric systems won't work, however a collection of difficult to bypass systems could allow for a very high reliability...

    perhaps, fingerprint (multiple digits checked), facial recognition, speach printing, and a password...

    someone may be able to assume someone elses identity for 1 or more of those testing methods, but the odds that someone could fool all of the tests while under supervision is probably so high that they'd be acceptible..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts