Straight out of the movies
We are all used to the idea of using our fingerprints to log into our cell phones and, for some of us, our laptops.
We’ve been told fingerprints are secure, and effective for ‘biometric authentication’
In the movies, we see finger prints being lifted from glasses with sticky tape and so on, but that’s the movies right?
Is it real? Surely there is no way that Apple and Samsung would lock their devices with something that could be easily faked?
Your mission, should you choose to accept
We were shocked to learn that it is possible to fake your fingerprints for logging in with stuff that’s commonly available around the house. A photo, a printer and some glue.
All it takes is a photo of a finger print, then just edit it to create a negative using commonly available photo editing software. Print it on some acetate sheets on a laser printer, apply some glue to the top of the print and let it dry.
“We were able to perform this well-known attack on the majority of devices our team had available for testing. Had this been a real attack, we would have had access to a vast range of sensitive information.” – Kraken
Cyber Security Tip:
The lesson is: don’t assume your device is safe on the basis of fingerprints alone. 2FA is vital, and so is having your phone protected so that it can be remotely wiped if you lose it.