News

Scary Study Says iPhone's Fingerprint Scanner Is Way Less Secure Than You Think

by Alexandra Strickler
REUTERS

The invention of the iPhone fingerprint scanner was pretty dope when it first came out.

It felt like some serious "Men in Black" shit to simply press my thumb to the home button and watch all my apps magically appear before me.

But, as always, there's a catch to this system.

Researchers from New York University and Michigan State University recently uncovered vulnerabilities in common fingerprint scanners.

They claimed they were able to create a set of synthetic "master prints," which can apparently match multiple patterns, and thus bypass the system up to 65 percent of the time.

Since fingerprint readers on today's smartphones are usually pretty small, they'll typically ask you to scan different parts of your fingerprint to ensure just one press of your thumb or finger will activate the sensor.

But, as we all know, only one of these partial scans needs to be a match in order for the sensor to unlock the phone.

Many people (including myself) register multiple fingerprints on a device, which means there are literally countless different partial prints registered on any given phone, leaving the device pretty damn vulnerable to a breach.

Nasir Memon, a researcher on the study from NYU, told The Telegraph,

There's a much greater chance of falsely matching a partial print than a full one, and most devices rely only on partials for identification.
Shutterstock

However, it's not quite time to freak out over this just yet.

In the study, which was published in the most recent edition of IEEE Transactions on Information Forensics & Security, the researchers only tested their findings in computer simulations, rather than on real smartphones.

Still, they claim the technology to create artificial physical fingerprints is improving rapidly, which is definitely cause for concern.

Apple maintains the iPhone's Touch ID scanner has only a one in 50,000 chance of matching with another person's fingerprint.

If you're still feeling worried about people hacking into your device, The Telegraph recommends securing your phone with additional safeguards, such as a longer and more complex passcode or disabling Siri when the phone is locked.

Citations: MasterPrint: Exploring the Vulnerability of Partial Fingerprint-based Authentication Systems (IEEE Xplore Digital Library), Why your smartphone's fingerprint scanner isn't as secure as you might think (The Telegraph), About Touch ID security on iPhone and iPad (Apple)