A simple and effective way to make Touch ID work better, more securely and faster

The issue of the reliability of data protection using a fingerprint was raised at the Black Hat security systems expert conference in Las Vegas. Experts from FireEye shocked the public when they revealed that some Android smartphones store fingerprints unencrypted.

In particular, experts found that the device HTC One Max fingerprints are in the general section file system in the form of an unprotected graphic file dbgraw.bmp. This data is also vulnerable on Samsung and Huawei devices.

As a result, attackers using any malicious process or application can gain access to this high-resolution image.

Hackers can also use fake lock screens to authenticate identities on popular payment systems in order to intercept money transfers and theft of funds. In conclusion, the experts noted that many mobile device manufacturers Android based do not use TrustZone technology to protect biometric data.

And since by 2019, half of all mobile devices sold will be equipped with a fingerprint scanner, attackers will not only be able to steal data en masse, but also add their fingerprints, thereby blocking access to the device.

At the same time, experts noted that on most Android smartphones, fingerprint sensors are less protected than on iPhones. Apple smartphones encrypt the fingerprint image, so that even if hackers gain access to the data, they will not be able to read it without crypto. graphic key.

It is more difficult to steal a fingerprint on an iPhone than on Android smartphones

According to Kaspersky Lab antivirus expert Sergei Lozhkin, if a fingerprint scan stored on the phone somehow gets into the hands of cybercriminals, then it will be quite easy to duplicate the finger. “And, accordingly, they will be able to gain access to all devices where your fingerprint is used,” the expert added.

He also noted that the phone does not care whether a real finger or a rubber clone is used.

Obtaining fingerprints is actually not such a difficult process, since we literally leave them everywhere. Moreover, there are ways to obtain a fingerprint without access to it at all. German hacker Jan Crissler was able to make a copy of the German Defense Minister's finger using just photographs of her from a public appearance, taken from a distance of 3 m.

Prior to this, Crissler was able to obtain a valid fingerprint directly from the iPhone 5S fingerprint scanner. To do this, he used just wood glue and graphene.

However, access to data hidden with a fingerprint, as shown by the inquisitive minds of jealous wives, can be much simpler: they simply applied the scanner to the finger of their spouses while they were sleeping.

As Alexey Oskin, head of the marketing and technical support department for ESET products, told Gazeta.Ru, soon, when data protection using fingerprints becomes widespread, attackers will immediately pay attention to this.

“The hunt for user biometric data will begin, and sooner or later it will end up in the hands of criminals if special measures are not taken to protect it,” the expert warns.

At the same time, according to Oskin, users are unlikely to be able to do anything themselves to protect their fingerprints, so for them there is only one option: it is trivial not to use fingerprints as the main type of authentication.

I agree with him too. You can protect yourself by using a combination of a fingerprint and a password, he believes. “In addition, it is still recommended to set a more complex password. It’s not very convenient, but it’s reliable,” the expert said.

At the same time, if we talk about the most optimal method of authentication using one security factor, then a fingerprint still looks more reliable than a password, says Alexey Oskin. “But the question is not which method is more reliable, but how dangerous it is to use fingerprints as the only authentication factor,” the expert noted.

At the same time, Lozhkin is absolutely sure that a password will in any case be a more reliable way to protect data than a fingerprint.

According to Oskin, large technology companies that are actively implementing such authentication methods, as well as government organizations and specialists in information security should develop a unified policy for the further development of such data protection mechanisms, as well as adopt security standards for encryption and storage of data on biometric factors.

The expert calls one of the solutions to this potential problem the use of two-factor authentication, where the main login key is a password, but along with it, authorization is also performed using other methods: additional one-time passwords, a pattern key or a retinal scanner.

Fingerprint identification is one of the most reliable ways to confirm a person’s identity. In terms of accuracy, this method is second only to retinal scanning and DNA analysis. A fingerprint is nothing more than papillary patterns on the skin, which are unique to each person and are formed in the fetus as early as 12 weeks along with the nervous system. At the same time, the patterns are influenced by the child’s genetic code, the position of the fetus in the uterus, the mother’s nutrition during pregnancy, the state of the environment and other random factors. In simple terms, papillary patterns are ridges and depressions on the skin that form a one-of-a-kind pattern. Even if the epidermis is damaged, the pattern is restored over time; it is only a matter of time and, of course, the degree of damage. How the fingerprint scanner of a modern smartphone works—we’ll talk about that in today’s episode.

Any fingerprint scanner has two functions: obtain an image of the fingerprint and check its pattern against other patterns in the database. IN modern smartphones optical scanners are used. They work on the same principle as small digital cameras. The picture is taken using a microcircuit consisting of light-sensitive photodiodes and an autonomous lighting source - a matrix of LEDs, which illuminates the patterns on the finger.

When exposed to light, photodiodes create electric charge, capturing a single pixel in a future photo. Depending on the amount of light entering, the color intensity of the pixel changes. The combination of pixels of different intensities forms a fingerprint image on the scanner. Before starting to verify the print, the scanner checks the quality of the image, namely its brightness and clarity. If the photo is too bright or dark, the scanner's shutter speed is adjusted and the process repeats.

After the fingerprint is received, it is analyzed using a special software. The software uses complex algorithms to determine the features of papillary patterns. In total, there are three types of patterns: arc, loop and curl. Having determined the type of pattern, the scanner identifies the endings of the pattern's lines, such as breaks and splits - called minutiae. They are unique and allow one to identify its owner by fingerprint. The scanner determines the position of the minutiae relative to each other in each image: it breaks the print into small blocks of 9x9 pixels, each of which contains a certain number of minutiae. The coordinates of the detected minutiae and their orientation angles are recorded in a vector. Identical blocks from the scanner and images from the database are then compared, and if the patterns in them are identical, then the fingerprints belong to the same owner. It is worth noting that scanners do not analyze every line of the pattern: they only find identical patterns in a small number of blocks and establish similarities based on them.

There are two main types of optical scanners. The first one takes a picture of the desired area of ​​the finger when touching the scanner. This type is used in Apple smartphones, starting with iPhone 5s.

The second type of optical scanner involves running your finger across it. It takes a series of pictures and programmatically merges them together. This scanner has found its application in Samsung Galaxy S5. But in subsequent models it was replaced by the first type, which is more convenient, but also more expensive due to the need to use a larger matrix.

A common disadvantage of optical scanners is their susceptibility to contamination and scratches. In addition, such a scanner can be deceived using a cast of the phalanx of the finger.

Biometric sensor Touch ID first appeared in Apple devices V . A year later he moved to,. From a pleasant addition for owners of a flagship smartphone, the fingerprint scanner has turned into a real tool for protecting access not only to the smartphone itself. mobile device, but also to individual applications, and has also become an integral element payment system. Unfortunately, Touch ID still does not always work as intended and as users would like. Let's try this to correct.

All the best deals on iPhones (there are even 20 thousand cheaper than the market). They change something and even give it away for free.

In May last year, Roman Yuryev already discussed this topic in detail and described in detail how to set up Touch ID so that you could then forget for a long time about malfunctions of the sensor and manually entering a password. Unfortunately, over time, the algorithm of the fingerprint scanner still begins to work with some “quirks”, which subsequently only become more frequent. For example, after upgrading to the iPhone 6, I was in absolutely delighted from the updated Touch ID - it worked perfectly and smoothly for more than a month, and then suddenly began to fail, and this happened more and more often every day.

The main thing is not to give up your hands, or in this case your fingers. The problem can be solved, using improvised means and will not require much of your time. This method was first described about a year ago, but for some reason it passed by most thematic resources, although the method really works, as I was convinced of from my own experience.

So, the best way to start is to delete all the prints and set them up again, as described in last year. After this, restart your smartphone, ending all applications first. Maybe these steps are unnecessary, but let them be for the purity of the experiment. Now let's go to Settings -> Touch ID & Password-> Enter the password, if necessary, and get into the very menu where your fingerprints are stored.

Now - attention - no more manipulations or transitions are needed, just touch the scanner the same way you do to unlock your device. Please note that when you hold your finger on the sensor known to the system, one of the prints in the list on the screen illuminated. This is the fingerprint of this finger, and you have just performed an additional scan of it, the results of which iOS saved somewhere in the system on the chip.

It happens in such a simple way Touch ID training, the biometric sensor takes additional pictures of your finger and can use them to unlock. Take five to seven minutes to properly scan each of your saved fingers, applying them to the button while in this menu. Each time one of the prints is highlighted, it means that the procedure was successful. Additional scans of your finger will appear in the device’s memory, and Touch ID will work much better, the activation process will be noticeably faster.

We repeat once again: each finger, differently, many times - the result will be noticeable immediately and will remain with everyday use of Touch ID.