Data security is becoming more important by the day. People are developing more and more ways in which they can make data even more secure. But with every new security measure, new problems arise and new ways to bypass those security measures are developed.
Scientists are now trying to find a way to access these devices by using something they are calling a master fingerprint. This master fingerprint works in a similar way to a master key and is supposed to be able to open any lock. These master prints are supposed to emulate a large number of different fingerprints, and it may cycle them until it finds the right combination that is able to hack the device.
The idea is that there is a fingerprint combination equivalent to the most common four-digit security code, something like “1234” or “1122”. The scientist used a digital database and developed a master fingerprint that was able to imitate a random fingerprint 26 to 65 percent of the time. This is a big range indeed, but there is a good reason behind it. The database used in the study was relatively small. So, in theory, with a big enough database, the master fingerprint may be able to unlock any sensor system.
There are additional things that need to be factored into the equation. For starters, the fingerprint sensor on any mobile device is small. Additionally, a person can add multiple fingerprints to a single device. Every device also gives the user multiple chances to unlock the device. All these issues pose serious security threats.
The fact that the sensor is able to store multiple fingerprints, the database of partial fingerprint scans grows in size and so does the ability of a master fingerprint to find the correct combination. This is especially true since the sensor on the phone does not recognize the finger that is placed on it but only the pattern. The system does not even recognize the position in which the finger is placed. So, as soon as the device finds any combination that works, it grants the person access to the device.
A group of scientists led by Nasir Memon, a computer scientist from NYU’s Tandon School of Engineering used a database which contained around 800 prints. From the database the researchers extracted thousands of partial fingerprints which they later matched against one another and came to a surprising conclusion; there were some fingerprints which were perfect matches more than 15 percent of the time.
One of the main issues with this study is that it was computer-based. This means that no physical device was used during testing. So, all the findings so far are purely theoretical.
Another issue with this study is that it used minutia points to create the master fingerprint. The issue with this is in our fingers ironically enough. The human finger consists of ridges and valleys. Some ridges might split, while others might just end. These ridges and valleys are what experts call minutia points. The problem with this is that phone sensors use texture patterns of a fingerprint and not the minutia points.
Still, the study exposed some significant vulnerabilities. The trend in the phone industry is to make smaller sensors. A smaller sensor means that a smaller fingerprint pattern is used, so the chance that a fingerprint of one person is similar to the fingerprint of another person increases.
Henry has never been ashamed of describing himself as a science geek. He has loved the world of science ever since he made his first baking soda and vinegar volcano back in the 3rd grade. His love for science then developed into his love of all living creatures. As a botonist, he spends more of his time speaking to plants than he does talking to other people. He, however, has learned the art of balancing his love affair with his work with family time. Henry spends a lot of time camping with his loving wife and beautiful kids. Henry has found the key to getting the best of both worlds.