This kind of thing makes fingerprint spoofing even harder

Samsung patent suggests multi-fingerprint e-wallet authentication and gesture control (Android Authority)

Applications for fingerprint scanning are quite limited at the moment…

The future may hold a bigger promise, however. A patent application made by Samsung indicates that the company may be working on an even more innovative use of fingerprint scanning for authentication. In the patent application, Samsung describes several methods for authenticating a purchase, such as through PIN, password, pattern, and even fingerprint scans. An interesting addition is the inclusion of multiple fingers for stronger authentication.

Uncertainty over which fingerprint was used — or in the not too distant future, which combination of fingerprints are used — would go a long way towards making the already difficult task of fingerprint spoofing even harder.

More context for fake fingers

Here’s what you need to know about the Apple TouchID “hack” (GigaOM)

So for most people this won’t be a problem. And indeed, if you’re the type who forgoes passcodes because they slow you down, it’s better to use TouchID than to use no security at all. Also, it’s not like we’re talking about someone hacking into the phone’s secure A7 chip.

But do remember that, compared with passcodes, the inclusion of biometric access can in certain circumstances make it just that little bit easier for someone to get into your phone. And if that phone carries secrets that others really want to steal, you may want to bear this new risk in mind.

Keeping Biometric System Vulnerabilities in Perspective

Biometric security hacks threaten to ruin the KeyLemon party (Wired)

As biometric security systems from companies such as KeyLemon are increasingly introduced to devices, spoofing attacks are becoming more common and sophisticated. The Tabula Rasa project aims to prevent these security breaches.

Lots of good stuff in the article. Just remember, lock-picking is spoofing, too, and if you use unattended facial recognition for access control, be very suspicious of that strange person that wants to “interview” you using her camera phone.

Translate »