Hackers working for Chinese security company Tencent claim that they have developed a method to photograph a fingerprint on any glass surface and use it to unlock any smartphone, no matter their fingerprint reader technology — in just 20 minutes.
According to the Chinese blog Abacus, Tencent’s X-Lab team showed how this technique works at the recent GeekPwn 2019 hacking conference in Shanghai. X-Lab’s leader Chen Yu asked an audience member to touch a glass and took a photo of the fingerprints.
Yu then ran the photo through an app they have developed in house, which extracts and process the necessary data to clone a physical fingerprint. The team didn’t show the physical cloning process, but we can assume that they used a 3D printer like other people have done in the past. He then proceeded to use the cloned fingerprint to open three smartphones that had been registered with the audience member’s fingerprint — plus two event registration machines that use fingerprint scanners.
Each of those phones used one of the three existing fingerprint scanning technologies: capacitive, optical. and ultrasonic, like the one in the Samsung Galaxy S10. The latter one is especially worrying, since this technology is supposed to avoid this type of hack by scanning the three-dimensional structure of your fingerprint.
Then again, we recently learned that Samsung's Galaxy S10 and Note 10 series could be unlocked by anyone if the phones had a silicone gel screen protector. Samsung subsequently issued an update to address the problem.
While the Tencent hackers didn’t reveal the exact method used to clone the fingerprint, it seems it worked rather fine at the event. Talking to the media after the demonstration, Yu said that the hardware they used to clone the fingerprint only costs about $140. Yu believes that the only defense against this is to clean everything you touch, including all of your phone.
In other words: fingerprint security sucks. And facial identification is not that much better, really. If you are really worried about security, the only thing you can do is probably use a longer password.