[ad_1]
<div _ngcontent-c14 = "" innerhtml = "
Getty
One of the major novelties with the launch of the Samsung Galaxy S10 smartphone was the brand new "built-in" fingerprint scanner for the S10 and S10 + models. The on-screen scanner pushed by Samsung was not only practical, but the Extra security offered by the ultrasonic fingerprint sensor rather than a traditional optical drive. We were assured that it was capable of creating a complex 3D map of your fingerprint, which meant that only you and yourself could unlock your phone. Now, it seems that Samsung has been wrong as a security researcher has demonstrated how it deceived the fingerprint scanner with a printed copy in 3D.
How does the ultrasonic fingerprint work?
The difference with the ultrasound fingerprint scanner of Galaxy S10 and S10 + smartphones compared to more traditional capacitive scanners is that it can capture a 3D image rather than a 2D image. By using ultra-high frequency ultrasonic sound waves, the scanner can map a fingerprint with quite amazing details, including ridges and pores as well as the "flat" patterns that we are more used to seeing. To do this, he transmits a pulse of his ultra-sound against your finger, then analyzes the pressure of the pulse that results. This will be different for everyone because each footprint will absorb different amounts of wave pressure, for lack of a simpler way to describe the process, a unique 3D map will be created. A map that captures the depth data on different points of the scanner, making the resulting map very detailed in all dimensions. Until here everything is fine. So, what went wrong?
How did the hacker break the scanner?
The truth is that nothing went wrong with the scanner, it did its job as expected. Unfortunately, the researcher (known as darkshark9) was able to use a photograph of his fingerprint from a glass of wine and, with the help of Photoshop, create an alpha mask. This mask was then exported to the 3ds Max software to create a geometry shift to obtain a very detailed and elevated 3D model. It was simply a question of printing this model from its AnyCubic Photon LCD printer with a precision level of 10 microns. This ensured that all the crests of the fingerprint were correctly rendered. The printing time was 13 minutes, after which the resulting false fingerprint would open the Galaxy S10 every time. I said earlier that the hacker had fooled the scanner, but in reality this is not really the case because the cloned fingerprint is exactly the same as the original and the Scanner recognized what he had been ordered to do.
And the real risk for me is?
It really depends on who you are, what data is stored on your phone, and how many people want to access it. Although darkshark9 says that "nothing prevents me from stealing your fingerprints without you knowing" and further that "if I steal someone's phone, his fingerprints are already on it" the truth is that this would require a perfect alignment of circumstances. For some very prominent people, such an attack scenario does present a risk. However, for the average Jo (Anne), there is not much to fear here. Of course, if someone stole your phone, he could theoretically have access not only to your personal data, but also to your bank account, since most of them now rely on a login ID. fingerprint to authenticate the user on the application. Assuming that the person who stole it also has the 3D printer and technical skills to create the clone footprint, as well as the urge to do it, which is all to makes the assumption to make.
Should I stop using my fingerprint?
No, that would not be desirable in my humble opinion. There will always be a compromise between convenience and security. This is why most people do not use PIN or password. Most security experts generally believe that both methods of authentication are safer than fingerprint biometrics, but they are also more time consuming in terms of memorizing and entering the code. This is why many people see their phones always unlocked, which requires no such authentication. Biometric elements, such as face recognition and fingerprints, overcome this disadvantage by being "safe enough" for most users, without adding any inconvenience to the user. "The entire movement of Biometric authentication at the level of electronics consumers will never be very secure "Ian Thornton-Trump, head of cybersecurity at AmTrust Europe, shares this view. "I'm not a fan of facial recognition, speech recognition, or fingerprint authentication, but consumers are, and that's not a bad thing." I would certainly always recommend one fingerprint protected device to another without protection. I would always recommend one fingerprint protected device to another without protection. This advice remains the same in light of the Galaxy S10 hack. In fact, even darkshark9 himself says that the ultrasound fingerprint reader of the S10 is probably safer than the optical or capacitive sensors of other smartphones. "Optical sensors can be trapped with a simple scan and print a fingerprint" he notes, "ultrasonics can not." As reported here in Forbes Last month, the fingerprint scanner is certainly more secure than face recognition that can be beaten by a video of the owner placed in front of the smartphone.
I went to Samsung for a comment, but none was available at the time of publication. If this changes, I will update the story in due course.
">
One of the major novelties with the launch of the Samsung Galaxy S10 smartphone was the brand new "built-in" fingerprint scanner for the S10 and S10 + models. The on-screen scanner was not only convenient, but thanks to the added security offered by the ultrasonic fingerprint sensor rather than by a traditional optical drive. We were assured that it was capable of creating a complex 3D map of your fingerprint, which meant that only you and yourself could unlock your phone. It now seems that Samsung has been mistaken as a security researcher has demonstrated how he fooled the fingerprint scanner with a 3D printed copy.
How does the ultrasonic fingerprint work?
The difference with the ultrasound fingerprint scanner of Galaxy S10 and S10 + smartphones compared to more traditional capacitive scanners is that it can capture a 3D image rather than a 2D image. By using ultra-high frequency ultrasonic sound waves, the scanner can map a fingerprint with quite amazing details, including ridges and pores as well as the "flat" patterns that we are more used to seeing. To do this, he transmits a pulse of his ultra-sound against your finger, then analyzes the pressure of the pulse that results. This will be different for everyone because each footprint will absorb different amounts of wave pressure, for lack of a simpler way to describe the process, a unique 3D map will be created. A map that captures the depth data on different points of the scanner, making the resulting map very detailed in all dimensions. Until here everything is fine. So, what went wrong?
How did the hacker break the scanner?
The truth is that nothing went wrong with the scanner, it did its job as expected. Unfortunately, the researcher (known as darkshark9) was able to use a photograph of his fingerprint from a glass of wine and, with the help of Photoshop, create an alpha mask. This mask was then exported to the 3ds Max software to create a geometry shift to obtain a very detailed and elevated 3D model. It was simply a question of printing this model from its AnyCubic Photon LCD printer with a precision level of 10 microns. This ensured that all the crests of the fingerprint were correctly rendered. The printing time was 13 minutes, after which the resulting false fingerprint would open the Galaxy S10 every time. I said earlier that the hacker had fooled the scanner, but in reality this is not really the case because the cloned fingerprint is exactly the same as the original and the Scanner recognized what he had been ordered to do.
And the real risk for me is?
It really depends on who you are, what data is stored on your phone, and how many people want to access it. Although darkshark9 states that "there is nothing that prevents me from stealing your fingerprints without you knowing it" and that "if I steal someone's phone, their fingerprints are already visible ", the truth is that it would require a perfect alignment of circumstances. For some very prominent people, such an attack scenario does present a risk. However, for the average Jo (Anne), there is not much to fear here. Of course, if someone stole your phone, he could theoretically have access not only to your personal data, but also to your bank account, since most of them now rely on a login ID. fingerprint to authenticate the user on the application. Assuming that the person who stole it also has the 3D printer and technical skills to create the clone footprint, as well as the urge to do it, which is all to makes the assumption to make.
Should I stop using my fingerprint?
No, that would not be desirable in my humble opinion. There will always be a compromise between convenience and security. This is why most people do not use PIN or password. Most security experts generally believe that both methods of authentication are safer than fingerprint biometrics, but they are also more time consuming in terms of memorizing and entering the code. This is why many people see their phones always unlocked, which requires no such authentication. Biometrics such as face recognition and fingerprinting overcome this problem by being "secure enough" for most people, without adding any inconvenience to the user. "The entire movement of biometric authentication at the level of electronics consumers will never be very secure," confirms Ian Thornton-Trump, head of cybersecurity at AmTrust Europe. but consumers are and this is not a bad thing. "I would always recommend one fingerprint-protected device to another without protection – I would always recommend one fingerprint-protected device to another without protection – this advice stays the same in light of the Galaxy S10 hack. even darkshark9 himself claims that the ultrasound fingerprint reader of the S10 is probably safer than the optical or capacitive sensors of other smartphones. "Optical sensors can be trapped with a simple scan and l & # 39; 39, print on paper from a fingerprint, "he notes," ultrasonics can not. "As reported here at Forbes last month, the fingerprint scanner is certainly more secure than facial recognition that can be defeated by a video of the owner placed in front of the smartphone.
I went to Samsung for a comment, but none was available at the time of publication. If this changes, I will update the story in due course.