HOWTO Beat Fingerprint Scanners: With Play-Doh
from the fun-with-fingers dept
While researchers are constantly trying to come up with new biometric security methods, the fingerprint scanner has established itself as a trusted piece of equipment, even making its way onto laptops and mobile phones. But a new study says that 90% of scanners can be fooled by a fingerprint made from Play-Doh. As Engadget points out, that’s good news for people worried about losing their fingers to thieves. No word, however, on the effectiveness of Silly Putty.
Filed Under: fingerprint
Comments on “HOWTO Beat Fingerprint Scanners: With Play-Doh”
wouldn't the fingerprint be backwards?
hello? why would they accept a backward print?
Re: wouldn't the fingerprint be backwards?
“…by taking a mold of the mark?s finger, filling the mold with Play-Doh, and using the fake digit to gain access.”
Re: wouldn't the fingerprint be backwards?
finger scanners just pick up a number of main points on your finger… they must only match the same as how it was enter’d into the system. they are a simple tool to use, but we must also remember that for the majority of users, they are..excuse me but ignorant to how things really work, and won’t take the time to research anything.
No Subject Given
Silly putty would actually not work. The silicone-base of the silly putty is to “fluid”. It would lose the shape of the print long before it was used.
But, the question remains now… if I had a picture of your fingerprint (probably in newsprint), would I be able to use the “comic copy” effect to dupe your print? And what about if I stretch it out? would it work then?
Ok… now I’m just being silly.
Re: No Subject Given
But, the question remains now… if I had a picture of your fingerprint (probably in newsprint), would I be able to use the “comic copy” effect to dupe your print? And what about if I stretch it out? would it work then?
As long as you don’t put the silly putty on printed material or that’ll be a DMCA violation and they’ll try you as a witch.
Re: Re: No Subject Given
Rikko, It would be a DMCA violation only if you are copying the finger itself. afterall, it is the Digital Millennium Copyrigth Act. Now, however, I’ll probably be burned at the stake for such a horrible pun.
That is why
The military never has accepted any fingerprint system without some other version of biometrics around that technology. Simply putting in a system that would look for heartbeat associated with the print at the same time would increase security 20 times over. If the military doesn’t allow it, why should you? I mean you can send Secret material in postal mail.
Re: That is why
That’s heartening to know.
Re: That is why
I agree. Problem is, most any biometric can be faked, if it relies on only 1 or 2 factors. Lets take Gattaca (dna via blood), Alien Resurrection (breath and voice analysis), Star Trek (voice and eyeball scan), X-Men (eye scan, voice)…all of the above mentioned movies show ways on how the system can be defeated, no matter how near or far into the future you go (or mutated you are =).
Pretty much the only way to get it right is to submit a full body into the process, and account for every aspect of a human being, including weight, age, skin color, hair, eyes, dna, brainwave patterns, foot and finger prints, breaks in bones, medical conditions…. I can go on with a mile long list. Come up with a system that can do all that, and I can guarantee that every gov’t and corporate entity will want a piece of that technology. And you can kiss all your freedoms goodbye =)
Gummi Bears work too according to Crypto-Gram
http://www.schneier.com/crypto-gram-0205.html#5
I've also heard
Gummi bears can make nice fingerprint molds, as well. For an extra bonus, you can eat the “evidence” once you’re done using it!
NOTE: Before when your fingerprint scanner is sticky!
law enforcement
Ok, cool. so you think i might fool the highway patrol or the dmv and get a fake id? all i have to do is make the fake digit (umm whos could i use? could i make my own little loops and arches?) and then convince the DPS that rubber finger is really mine.. but i am in texas.. might work…
No Subject Given
Anybody watch the Bourne Supremecy movie. Remember how the dude lifted a finger print with tape and transplanted it somewhere else. Try it it works.
Can't rotate the password...
The problem with ALL biometric technology is that once they are hacked (and the fingerprint thing is not new), you can’t rotate the password or reissue the token.
Eventually, all of the authentication technologies based on physical attributes will be useless as they will be in some way compromised. A better solution would be two-factor authentication with something you have (eg. a piece of hardware) being the second factor, not your physical characteristics…
Chris.
Re: Can't rotate the password...
It is true that any biometric form of authentication can be compromised. I truly think biometrics is a great idea, however. Lets say you were at the ATM, why can’t we use biometric fingerprint scanners to pull up your accounts, and then combine that with a pin number. This eliminates an ATM card, and to be honest, if someone knows your PIN, it’s a lot easier to steal an ATM card than it is to steal your fingerprint.
Re: Can't rotate the password...
a piece of hardware? how is that more secure than using two biometric security methods? if someone can get my finger print and lets say iris pattern or dental pattern…they can probably get my piece of hardware.
and the reality is that everything can be hacked w/ time and money. the key is slowing them down enough to detect the hack or complicating it enough to create more room for error.
gummy bear
i was in an internet security class, and we had to find things that might work to bypass a fingerprint reader. all kinds of people brought int things and the one that worked most often was a gummy bear. the clear crappy tasting ones. as long as some one has used the finger print read before, it would pickup the residual fingerprint and unlock the computer.
Diabetics
I’m a type I juvenile diabetic, and Fingerprints are something I’ve always wondered about. As part of my disease I test my blood sugar regularly, which involves lancing my fingertips. At a minimum of three times a day. You can tell it, too! On a particularly bad day, they can get to look like raw hamburger if one isn’t careful.
So, my question is: Do all this pricks and microscabs on there alter my fingerprints? POssibly in ways that would make a run-of-the-mill system reject my own finger?
why play do
Finger Print Scanner SUCKS
Youtube has it they did every thing yall thought up and it works. youtube com/watch?v=oXyFmieZjiE techdirt doesn’t want you to post urls in here I guess.
Besides mission impossible movies would have a ‘fake skin’ with the finger prints on it. I’m sure we have the tech to do that for real.
If you was really insidious you can grow real skin in the lab on a mold of the persons finger print your trying to fake. Perhaps spray it with some sort of preservative for the time when you need to slip it on.
fingerprint scanner
I beat the print scanner at work . Make a print in silly putty, put a couple laters of liquid latex in the mold until thick enough to handle, peel the new “print” out of the mold, works like a champ.
Re: fingerprint scanner
a can u please explain that trick to me becuase i need to beat this fingerprint scanner….
Just use a latex glove and the last print that was picked up by the scanner will be read as yours
beqating fingerprint analysis
Please advise on where I Can obtain the ingredients for making my fingerprints not readable. Are there stores that sell fake fingerprints, if so where?
prints
can you earase your prints wit sand paper enough so that it will not read that its yours
Are you stupid?
Are you stupid?
Everyone who has previously placed a comment appears to be dumb. You are all considering using the silly putty as a mould . Wow, internet reading has just become a hell of a lot more hilarious. Anyone think to use some sort of powder such as flour… dust it onto the scanner, lightly of course. Place sellotape over that. Then put silly putty on top that so it does not read your fingerprint apply pressure then voila 🙂 Hope you all realized how dumb you all were.
@ James, no actually your comment is dumb. If you did the that the fingerprint scanner would deny your prints as not of good quality. After 5x of that then the state does a name search. ANd iM SURE THAT IS WHAT THESE PEOPLE ARE TRYING TO AVOID! You want the scanner to think your prints are ok and to pass you through without cross referencing your name.
u all dumb asses ,, what u ar all saying is applicable only when you alone have access to the machine , so what hapends if a security man is there to monitor fools like you? comone say what could be used in any security system
video for finger print
this video will help u to copy ur finger print,,,have fun
http://www.metacafe.com/watch/1070335/copy_your_fingerprint/
Hkdhj
Play dog
can the fingerprint in ATM systems be accessed again using any of the spray?
Can't rotate the password...
Unless they cut your finger off.
wouldn't the fingerprint be backwards?
Turn your hand over then make the play doh print then flip the mold back over like the original hand
Fingerprint time and attendance system
The loopholes in cyber security might be dangerous and can put a bad effect for the growth of business.
Businesses need better solutions to protect these fraudulent activities and for that they require better fingerprint time and attendance system. These systems are protected by 3-4 layers of encryption.
law enforcement
If you can make the fake prints thin enough, you could simply glue them onto your own fingertips after dying them to match your skin. Very hard to notice, especially if you keep your hands mostly in a palms-down position.