, SecurityFocus 2003-08-13
Two German hackers say they have developed a technique to defeat biometric fingerprint scanners used to authenticate electronic purchasing systems. Unlike an earlier fingerprint attack developed by the pair last year, this system creates latex fingertip patches designed to be used while under observation.
Expand all |
Post comment
Maybe. Bear in mind that Matsumoto's attack (which this just basically replicates) used only $10 worth of materials, a couple of hours work, and an idea they came up with some afternoon with almost no prior knowledge of biometrics. It was NOT a sophisticated, high tech attack.
Nevertheless, it defeated capacative sensors as well as optical ones, and also fooled two "live finger" detectors.
In the past, the biometrics industry has left a bad taste in security professionals' mouths, with frequent extreme exaggerations of the capabilities of biometrics. In my opinion, claiming that a system is "not easily defeated" when no-one has actually tried sails dangerously close to doing so again. It would be more accurate to say "we are working on making these sorts of attacks harder".
Can I ask a question, Watching? Your post seems to me to have a slightly speculative tone. Has your organisation actually tried to replicate Matsumoto's gummy figure attack?
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/6717/21516#21516