As smartphone cameras offer higher resolutions each year, new discussions regarding biometric security systems have emerged. According to security experts, high-quality selfie photos shared on social media can now reveal not only facial information but also fingerprint details.
Biometric Protections Can Be Overcome
According to experts, photos taken from approximately 1.5 meters away with fingers directly facing the camera can contain sufficient detail for attackers to reconstruct fingerprint data.
In such a scenario, the obtained data could reportedly be used to deceive biometric verification mechanisms used in phones, laptops, payment systems, and online accounts.
AI Increases the Risk
Financial expert Li Chang stated that current AI-powered image processing tools can make fingerprint lines, which are difficult to discern in ordinary selfie shots, more prominent. It was noted that advanced photo editing software, in particular, sharpens fine details in images, making attackers' jobs easier.
Jing Jiwu, a professor at the University of Chinese Academy of Sciences, noted that the process involves some technical obstacles. Jiwu stated that factors such as lighting conditions, motion blur, and focusing problems make it difficult to extract fingerprints. Nevertheless, he emphasized that the likelihood of achieving successful results significantly increases when multiple high-resolution photos are used.
These warnings and statements gained significant traction, especially in China. One of the important reasons for this was the widespread habit of taking selfies with a "V" or peace sign in the region. It is stated that these poses, where fingertips are directly facing the camera, can lead to the unintentional sharing of biometric data.
Not New, But Getting Easier
Fingerprint attacks have existed for a long time. However, in the past, such attacks were not practical for most attackers due to high costs and technical difficulties. The proliferation of advanced camera systems has begun to change this landscape.
Jan Krissler, a German biometrics researcher and member of the Chaos Computer Club, managed to bypass Apple's Touch ID system shortly after its release in 2013. A year later, Krissler also succeeded in reproducing the fingerprints of the German Minister of Defense using publicly available photos.
At that time, producing a usable fake fingerprint required numerous high-resolution photos, controlled shooting conditions, and specialized processing techniques. However, the advanced sensors and computational photography technologies offered by modern smartphones are making this process increasingly accessible.
A study conducted by Kraken Security Labs researchers in 2021 more clearly revealed the extent of the risk. The researchers announced that they were able to create a functional fake fingerprint using only a fingerprint photo, Photoshop, a laser printer, and wood glue.
0 Comments: