How hackers are stealing people’s fingerprints with their photos

Millions of people take selfies posing in such various ways, like doing the sign of peace hand gesture. This is a very common thing and it has not caused problems for anyone, at least not until now, because many cybersecurity specialists claim that with the technological resources available today, such a photo is all that a hacker needs to compromise all a person’s information.

Carlos Gutierrez, an FBI consultant expert, claims that a hacker could copy the fingerprints of anyone using a high-resolution camera.

“Smartphone cameras are increasingly equipped with better resolution; by just zooming in a photo you could see a person’s fingerprints. There have already been reports of cloning fingerprints from photographs,” says the cybersecurity expert. “With access to this information hackers could break into bank accounts, request credits, and unlock mobile devices, among other malicious activities”.

In addition, he notes that the use of fingerprints as a means of authentication could further compromise the user than the traditional username and password method: “Anyone can reset the password of their email or other platforms, but fingerprints are for life,” the expert adds.

It should be noted that this attack variant requires various conditions to be met; to begin with, the camera with which the photograph was taken must have a very high resolution, in addition the fingertips of the person appearing in the photo must be in the appropriate position for the fingerprints to be sufficiently visible.

The good news is that not everything is lost. Teams of experts are developing a protective layer for our hands that would cover our fingerprint, preventing hackers from getting it with just one photo.

Faced with the potential risk of becoming victims of identity fraud, cybersecurity specialists from the International Institute of Cyber Security (IICS) recommend users who like to post their photos constantly applying some modifications, such as cropping the image so that the fingerprint doesn’t appear full sized or applying filters that make it difficult to see the image.

Some hackers have successfully attempted fingerprint cloning before; a few years ago, Jan Krissler forged Apple‘s TouchID sensors when the iPhone 5S was released using only the stain of a fingerprint on the sensor screen. The hacker managed to create a fake finger with that fingerprint and unlocked the device. A year later, the same hacker used some photos posted on Internet pages to falsify the fingerprint of Germany’s defense minister.