Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen

keybreak · March 28, 2024, 9:00am

honka_animated-128px-10

LDC · March 28, 2024, 12:50pm

A few years ago, a team of university researchers managed to capture speech from a printed photo, so that -while certainly remarkable- isn’t going to surprise me too much.

pzs · March 29, 2024, 2:22pm

Likewise, some years ago (probably within the last 10 years), the film grains from a silent film (c. 1905) provided information that was used to successfully reproduce the audio/sound from the scene. It’s quite surreal.

Unfortunately, I can’t find a source for this, but I definitely read about it and watched the silent film with the sound added on - the scene features (the sounds of) people walking through a city, and (that of) a trolley that passes by at some point.

drunkenvicar · March 29, 2024, 5:30pm

I’m the weirdo that skips the article and goes right to the linked journal study.

The peer review’s conclusion (Zhou et. al) is “utilizes users’ fingertip-swiping actions on the screen to extract fingerprint features and synthesizes powerful PatternMaster-Print sequences for fingerprint dictionary attacks. Extensive experimental results in real-world scenarios demonstrate that Printlistener can attack up to 26.5% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR setting of 0.01%,”

When success rate hits close to 100%, or even 97%, then depending on the error threshold of the fingerprint reader, you have created a 100% digital forgery of my prints….

What could go wrong? Especially with printlistener app not being FOSS .
-world.

I will admit I don’t know what ‘fingerprint dictionary attacks’ means in this context, or what it even is, but I’m sure it’s not good.

keybreak · March 29, 2024, 5:36pm

A fingerprint dictionary attack involves using MasterPrints, which are real or synthetic fingerprints that can match with a large number of fingerprints, to undermine the security of fingerprint recognition systems. These attacks exploit vulnerabilities in fingerprint systems by generating DeepMasterPrints, which are complete image-level MasterPrints with high attack accuracy. The attack method, known as Latent Variable Evolution, involves training a Generative Adversarial Network on real fingerprint images and using stochastic search to find latent input variables that maximize impostor matches. This technique has shown superior results compared to previous methods, highlighting the vulnerability of fingerprint recognition systems to dictionary attacks

To my credit, i’ve always thought that using any biometry is NUTS.

honka_animated-128px-35

But using finger sounds against touchscreen to ID a person…jeez