Tuesday, January 17, 2017

A warning to all the selfie queens out there: you can be hacked!

Next time someone poses for a selfie with their fingers held up in a peace sign, maybe tell them to leave it at a smile.

An ordinary photo of the universal sign of goodwill might be enough for a thief to copy a fingerprint, thanks to the high quality of digital photos these days. And since Touch ID and similar technologies turn fingerprints into keys that unlock our devices and the data we keep in them, that’s cause for concern.

Just by casually making a peace sign in front of a camera, fingerprints can become widely available.

A team at the NII’s Digital Content and Media Sciences Research Division, Japan was able to reconstruct fingerprints spotted in pictures taken from up to 3 meters away.

“Fingerprint data can be re-created if fingerprints are in focus with strong lighting in a picture.” - Isao Echizen, a professor at Japan’s National Institute of Informatics

The peace sign is a common expression in social media pictures, but this technique could conceivably be applied to other common gestures like waving or giving a thumbs up. Matched with a person’s face, that makes for a significant amount of biometric data that identity thieves could do real damage with.

How Thieves Could Get Fingerprints From Selfies

The technique described by Echizen uses no special software, but does require good lighting - so for the moment you can feel free to flash whatever signs you like when the light is low. As mobile cameras become more and more powerful, though, selfies will become a bigger security liability.

The better alternative might be to make sure you aren’t relying on fingerprint security measures whenever possible. Or just avoid selfies altogether.

No comments:

Post a Comment