Leave a comment

Fingerprint sensors: Are they really secure?

Fingerprint sensors: Are they really secure?
photo courtesy of shutterstock

One of the coolest new technologies of the past few years is biometric scanners, notably the fingerprint scanner. Just place your finger or thumb onto your smartphone, and it scans it. If it matches your fingerprint with the image it has stored, it lets you in.

Your fingerprint is like a really secure password, the thinking goes, because everyone has a unique one. After all, how could someone use your fingerprint? If they steal your phone or you misplace it, they're out of luck.

Except, criminals are devious and clever. As it turns out, fingerprint scanners aren't quite as secure as you may think.

In fact, here are several ways that criminals can get past your fingerprint, to access your smartphone and all its contact. (Note: Keep reading for three tips to keep your smartphone safe.)

1. Capacitive scanners may not work if your finger is wet, or if you have a cut, scar, or scratches.

2. Some fingerprint scanners can be fooled by a cast of a fingerprint. "This is a really big hole in security," according to security experts. (Note: Some upcoming 3-D fingerprint scanners will fix this flaw.)

3. Fingerprints can be stolen. "One can do it with a quality photo of a victim's fingers. An SLR camera with a good zooming lens or even a magazine photo printed in high resolution are enough," according to experts.

Some, but not all smartphone makers use a technology called ARM TrustZone, which stores your fingerprint image in a virtual world. It's not stored on your smartphone's operating system, so criminals can't steal it.

4. Not all smartphones are equally secure. While Apple's fingerprint scanner, which is encrypted, is considered to be secure, others aren't. "Many smartphones have poorly protected sensors, which lets malware get the pictures right from the fingerprint scanners."

Worse, you can't change your fingerprint, if an image of it is stolen. With a traditional password, you can change it in minutes. No so for your fingerprint.

5. Mistakes can be made (and have been). In 2015, cybersecurity experts discovered that the Samsung Galaxy S5 and HTC One Max smartphones did not store your fingerprints using encryption. So, criminals could steal them if they had access to your pictures and the Internet.

Those smartphone makers fixed that problem. But, who's to say it won't happen again?

So, how can you protect yourself? Use these three tips to protect yourself when using your fingerprint scanner.

1. Don't use your fingerprint scanner for financial apps like PayPal. If your smartphone is stolen, your fingerprint can be duplicated to make purchases. Instead, use a complicated password.

2. Use your most-ignored fingers' prints. If a criminal was trying to find your fingerprint, just think about it, they wouldn't have a tough time finding prints from your thumb and index finger on your favored hand, right or left.

You leave those prints everywhere. Instead, use your ring or pinky finger from the hand you don't favor. Criminals will have a tougher time finding those.

3. Add an extra layer of protection on top of your fingerprint scanner. It can help track down your smartphone if it goes missing. Plus, you can remotely delete data, contacts and texts.

Next Story
View Comments ()
Top Story: Smart home devices may be used by the government to spy on you
Previous Happening Now

Top Story: Smart home devices may be used by the government to spy on you

Apple issues recall of faulty product nearly every MacBook user owns
Next Happening Now

Apple issues recall of faulty product nearly every MacBook user owns