This worrying scenario envisions the remote capture of a smartphone user’s fingerprints

[

Computer security researchers have uncovered a novel fingerprint recognition technique, based on the sounds made by a finger on a touchscreen. If combined with malicious software, this could one day expose users to biometric data theft.

PrintListener is the term given to a new technique revealed by a team of researchers based in the US and China. It exploits the sound of finger friction on a touchscreen to extract the patterns of the corresponding fingerprint.

The method involves capturing sounds via microphones built into electronic devices during common interactions on user platforms such as Skype, Discord, WeChat, FaceTime and Google Meet. A software application can then bit by bit reconstruct the user’s fingerprint, without their knowledge.

This type of discovery obviously raises many fears in terms of IT security. The technology in question presents a genuine risk of biometric data theft and could eventually call into question the reliability of fingerprint authentication systems.

Initial results are impressive: the system is already capable of reconstructing a partial fingerprint in 27.9% of cases and a complete fingerprint in 9.3% of cases. All of this after five attempts.

The side-channel attack (ie, an attack that uses extra information gathered through the way an algorithm or IT system is set up) PrintListener works by exploiting a little-known but potentially highly invasive flaw that could enable a hacker to obtain someone’s fingerprints without even needing direct access to the device they’re using. With the use of malware, the hacker could then recover the victim’s fingerprint in addition to other sensitive data (passwords, bank details, etc). – AFP Relaxnews

Read original article here

Denial of responsibility! Genx Newz is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a Comment