Fingerprint authentication on smartphones is meant to bridge the gap between security and convenience. The problem is, we leave our fingerprints everywhere – on our coffee cups, keypads, and beyond. And, hackers are constantly looking for new, innovative ways to steal our most sensitive information – fingerprints included.
In a recent Naked Security article, white hat hackers cracked Apple’s iPhone 5s device by tricking the sensor using a “stolen” fingerprint. Their method involved “making a copy of the targeted person’s fingerprint with a high-resolution image, printing out a reverse of the fingerprint using heavy amounts of printer toner to create a mold and then making a dummy fingerprint with wood glue.”
Samsung users are not exempt either. Researchers from Michigan State University department of computer science and engineering successfully used a similar method to test fingerprint spoofing on the Galaxy S5.
“This experiment further confirms the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment,” the researchers noted in their findings.
Other forms of biometric authentication, like iris or facial recognition, are in the works. However, until those methods are proven and perfected, err on the side of security, not convenience.
Here are some security best practices to keep in mind:
- Enable two-factor authentication whenever possible
- Create strong, long passwords that use a combination of letters and numbers
- When creating back-up PIN codes for your phone, avoid easy-to-guess PINs like your birthday
- Use unique passwords for each site.
For more security tips and tricks, visit IDnotify’s Tips page on ways to keep your identity safe.