The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Vein authentication already hacked with a fake hand

2019-01-01 18:04 by

 

Two hackers managed to trick a vein scanning system just by using a simple wax hand. Jan Krissler and Julian Albrecht built a fake model using a total of 2,500 photos of a hand that was previously configured with a vein authentication system.

What they did was take pictures of their hands using a modded SLR camera with the infrared filter removed. At a distance of five meters, the camera was able see vein patterns underneath the skin. The images were then used to make wax replicas, which in turn were able to fool a vein authentication system.

Using the wax hand, the pair were able to bypass scanners manufactured by Hitachi and Fujitsu, which they say make up 95 percent of the systems used in the vein authentication market.

Vein authentication works with systems that compare a user's placement of veins under their skin compared to a copy on record. According to a recent report from German news wire DPA, the BND, Germany's signals intelligence agency, uses vein authentication in its new headquarter building in Berlin.

Krissler has a track record for biometric hacking; in 2013 he bypassed Apple's Touch ID within 24 hours of its launch in Germany, he demonstrated similar skill in faking the German defence minister's fingerprint and has more recently, demonstrated vulnerabilities in iris scanning technology. The hacker explained pragmatically that bio-security is "always an arm race". It wouldn't be surprising if Fujitsu and Hitachi update their scanning systems in the wake of this news, despite playing it down.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About