With the launch of the iPhone 5S and its TouchID in 2013, the world was introduced to the whole biometric authentication frenzy that would go on to take over the smartphone industry. Fast foward to 2019 and we have since moved onto fancier biometric authentication methods like LG’s new Hand ID, Apple’s FaceID and Samsung’s Iris Scanning.
Fingerprint scanning is the reigning king though. You can find devices that cost less than $100 that have these sensors and they are very accurate at that. With TouchID having matured for almost a decade now and the tech behind it matured enough, how secure is this mode of authentication really?
Can you unlock a phone with a fake fingerprint?
So can your phone be unlocked without your finger? With a lot of effort and know-how, Yes.
Tech is a double edged sword. With a high enough resolution of the image of someone’s fingerprint, the technology we have today can be used to generate a good enough replica of your fingerprint, good enough to fool your phone into unlocking for someone else. .
Granted, for the average person, this kind of tech might not exactly be within their reach but for instance, governments with enough resources could very well pull this off.
A group at Michigan State University took a 300 dpi scan of a fingerprint and printed it with special ink on glossy paper. They were able to use it to fool the fingerprint scanner of a Galaxy S6.
Back in 2013, Germany’s Chaos Computer Club took a high-resolution photo of a fingerprint from glass and used it to make a latex reproduction of the print that could fool the sensor. Here’s a video of this method in action.
So which method is secure?
If you want to be the only one able to access your phone, maybe you should use a passcode. With Android’s 9-Pin pattern, a stranger has a 0.003% chance of unlocking it.
With a more traditional 6-Digit unlock code, there are 1,000,000 different combinations so chances of a false unlock are down to 0.0001%. A 2D face unlock is the least secure with a 0.1% chance so really, the 6-digit PIN is more secure.
|Smartphone Unlock Method||Total Possible Combinations||Approximate false Acceptance Rate|
|Android's 9-PIN Pattern||389,112||0.0003%|
|iOS 6-Digit PIN||1,000,000||0.0001%|
|Android's 2D Face Unlock||1,000||0.1%|
Again, for the average person, these are still very good odds and they’d be more than happy to rely on fingerprint authentication for unlocking their devices. These offer a level of convenience and that these sensors have gotten really good over the years is just icing on the cake.
What is your go-to method of authentication? Does your device have a different mode of authentication other than a fingerprint? Tell us in the comment section below.