Fingerprint boot
Fingerprint mobile payment
......
For many mobile phone families
This has become a part of life
But recently a company in Suzhou reported
Mobile phone fingerprint unlocking has a terrible loophole
Just a piece of transparent tape + a conductive pen
You can break the mobile phone fingerprint recognition system in seconds
Easy to boot or even pay
Mobile phone fingerprint unlocking process
How does fingerprint unlocking work?
☟☟☟
step one
Take a piece of transparent tape + a conductive pen
â–³ Image from the network
Use a conductive pen on scotch tape
Feel free to draw some patterns
Step two
Align the pattern part with the phone fingerprint unlock button
Stick the scotch tape on your phone
Step three
Press the fingerprint unlock button with the thumb to unlock this phone
Turn the phone on and lock the screen operation 3 times
Then adjust the phone to lock screen
Step four
Press your index finger on the fingerprint unlock button
This mobile phone that was originally unlocked with a thumbprint
It was unlocked.
And now you can unlock it with any one finger.
Even with a piece of orange peel can be unlocked!
â–³ Image from the network
The consequences of this vulnerability are very serious! ! !
According to experts, in this experiment, the real function is not the transparent tape, but the pattern on the tape with conductive pen. As long as the tape is attached, the learning function of the mobile phone fingerprint recognition software will record the pattern drawn by the conductive paint as part of the owner's fingerprint.
After that, as long as the tape is attached to the fingerprint weaving sensor, the fingers of others are pressed again. Even if half of the fingerprints are wrong, the pattern of the conductive paint is still recognized as a fingerprint, thereby unlocking the phone.
Researchers say the cracking method is fine for any brand of mobile phone, so the privacy and secrets of the phone owner are at a glance.
If the payment method on the mobile phone is opened for fingerprint payment, it means that there is a security risk of property loss. Others can easily use this method to easily transfer your WeChat and Alipay fingerprints as payment confirmation.
Why is this vulnerability?
The researchers pointed out that the fingerprint unlocking mode of the mobile phone is completed by storing the next fingerprint pattern in the local database of the mobile phone when we first input the fingerprint of the mobile phone on the mobile phone.
After pressing the finger multiple times, it is in the local database of the mobile phone to identify, compare and store these patterns multiple times, and finally successfully fix these patterns in the local database of the mobile phone. When we press the unlock button again with the finger, the system compares the collected pattern information with the pattern information in the database. If the similarity set by the mobile phone software is reached, the mobile phone can be successfully unpacked.
However, the problem is exactly here.
The fingerprint recognition of the mobile phone is not 100% identical to the one we imagined to be verified by unlocking. It may be as long as 20% or so.
The researcher said that when the fingerprint button of the mobile phone is attached with the tape that moves the hands and feet, when the owner uses the finger button, the mobile phone will generate a new fingerprint pattern through the sensor. The new fingerprint pattern is equal to the conductive liquid pattern plus the fingerprint of the owner's finger. After the owner continuously locks the screen and then unlocks the fingerprint, the learning function of the smart machine can make it "smart" to remember the new fingerprint with the conductive liquid pattern. At this time, any finger of the owner or anyone's finger to unlock the fingerprint will form a new fingerprint with the same conductive liquid pattern, and the mobile phone can unlock the release as long as the conductive liquid pattern is recognized.
Don't let your phone go out of sight
Why do mobile phone manufacturers reduce the ratio of fingerprint recognition? Researchers believe that the low degree of recognition has a high success rate and is more convenient for customers to use. However, it cannot be ruled out that there is a possibility that the software system supplier's business level has caused such a large security hole.
Remind everyone: In your daily life, don't let your mobile phone leave your sight, don't give opportunities for people with ulterior motives, and do your hands and feet on your mobile phone to crack your fingerprint lock. If you find that the fingerprint sensor of the mobile phone is attached with a film with an unknown origin and a pattern, please remove it immediately and re-enter the unlock fingerprint.
Be alert!
Fstn Display,Fstn Screen,Positive Lcd Display,Fstn Lcd Display
Huangshan Kaichi Technology Co.,Ltd , https://www.kaichitech.com