Police in the US have successfully spoofed a murder victim’s fingerprints in order to gain access to his smartphone.
It’s result of a collaboration recently initiated with Michigan State University biometrics researcher Dr. Anil Jain, one of the world’s most well-respected biometrics experts. Police believed that the murder victim’s Samsung Galaxy S6 may contain clues about who killed him, but weren’t able to access it due to its biometric authentication requirement.
While Dr. Jain’s team tried an expensive, labor-intensive experiment involving 3D-printed fingerprints coated in metal to enable electrical conductivity, the solution that ultimately worked was relatively simple: Two-dimensional fingerprints, enhanced for detail from those the police had provided to Dr. Jain’s lab, printed on conductive paper. The smartphone was unlocked on the first attempt.
While this is a step forward in the police investigation, for many it has troubling implications. On the technological front, this solution underscores the limitations of consumer-grade mobile authentication based solely on fingerprint scanning, with many devices on the market now using capacitive sensors similar to that in the Samsung Galaxy S6. And on the legal front, there is some concern that this method will give police an access route into suspects’ mobile devices, whereas courts had previously defended suspects’ rights not to divulge their passwords.
What is clear is that as a relatively new technology that is quickly spreading into many consumer devices, biometric authentication’s security and legal implications are still being explored.
July 28, 2016 – by Alex Perala