Biometric authentication, especially fingerprint-based, has become a secure and convenient method for protecting our devices, which is crucial in a world increasingly dependent on smartphones. In this Befree blog, we will explore a new development by cybercriminals in mobile security: BrutePrint, a technique that challenges the perception of fingerprint authentication’s invulnerability.
Fingerprint Security: A One-in-Millions Probability
Fingerprint authentication is seen as a secure option due to the extremely low probability of two fingerprints matching. This has led many smartphones to adopt this technology for locking devices. However, cybercriminals have developed new techniques to bypass it, such as the BrutePrint attack, which goes beyond traditional imitation methods.
What is BrutePrint and How Does It Work?
BrutePrint is a type of cyberattack specifically designed to bypass fingerprint authentication systems on smartphones. Unlike traditional brute force attacks, which try to guess passwords or keys by testing all possible combinations, BrutePrint focuses on exploiting vulnerabilities in fingerprint sensors. The attack works by trying a large number of fingerprints until it finds one that is similar enough to unlock the device.
The success of this attack relies on manipulating the False Acceptance Rate (FAR), the rate at which the system accepts fingerprints that do not belong to the enrolled user. By exploiting a vulnerability in the unencrypted communication between the fingerprint sensor and the phone’s operating system, BrutePrint increases the likelihood that a non-matching fingerprint will be accepted.
According to a study published on arXiv, Android devices are particularly vulnerable to this type of attack, as many of them do not encrypt the communication between the fingerprint sensor and the system. In some cases, BrutePrint can succeed in as little as 40 minutes or take up to 14 hours, depending on the device.
Physical Access: The Crucial Requirement
Although BrutePrint can be effective, its primary limitation is that the attacker needs physical access to the device: the method requires physically connecting a device to the phone to intercept and manipulate the fingerprint sensor’s communication. Therefore, it is crucial to keep our phones out of unauthorized hands.
Additionally, the attacker uses a “fingerprint dictionary,” a database of multiple fingerprints that is adapted to the target phone’s specific sensor format. Advanced techniques like neural style transfer are used to generate more accurate fingerprint images, which increases the attack’s efficiency and success rate.
Why Are iPhones Better Protected?
iPhones are not immune to cyberattacks, but they have a significant advantage in protection against BrutePrint. Apple has implemented stricter security measures by encrypting communication between the fingerprint sensor and the system. This means that even if an attacker intercepts the communication, they cannot inject false fingerprints without being detected.
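The following simplified model of a protected sensor channel is an added illustration, not code from Apple or from the BrutePrint study. It shows why a frame swapped in on the wire is rejected when the host verifies each frame against a shared key. The frame layout, class names and key handling are assumptions, and it uses a counter-bound HMAC (integrity only) rather than full encryption.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional

TAG_LEN = 32  # HMAC-SHA256 output size


class SensorLink:
    """Sensor side (hypothetical): tags every frame with a counter-bound HMAC."""

    def __init__(self, key: bytes):
        self._key = key
        self._counter = 0

    def send(self, image: bytes) -> bytes:
        self._counter += 1
        header = struct.pack(">Q", self._counter)
        tag = hmac.new(self._key, header + image, hashlib.sha256).digest()
        return header + image + tag


class HostVerifier:
    """Host side (hypothetical): accepts a frame only if the tag verifies
    and the counter is newer than the last accepted one."""

    def __init__(self, key: bytes):
        self._key = key
        self._last_counter = 0

    def receive(self, frame: bytes) -> Optional[bytes]:
        if len(frame) < 8 + TAG_LEN:
            return None  # too short to hold header and tag
        header, image, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self._key, header + image, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # modified or injected frame
        (counter,) = struct.unpack(">Q", header)
        if counter <= self._last_counter:
            return None  # replayed frame
        self._last_counter = counter
        return image


def demo() -> dict:
    key = os.urandom(32)  # constructed; stands in for a key held in secure hardware
    sensor, host = SensorLink(key), HostVerifier(key)
    genuine = sensor.send(b"constructed-fingerprint-image")
    # Constructed tampering: image bytes replaced on the wire, tag left unchanged.
    injected = genuine[:8] + b"constructed-dictionary-image!" + genuine[-TAG_LEN:]
    return {"injected": host.receive(injected),
            "genuine": host.receive(genuine),
            "replayed": host.receive(genuine)}
```

On an unprotected link the host has no equivalent check, so it cannot distinguish a frame produced by the sensor from one inserted by a device sitting between sensor and host.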
How to Prevent Physical Attacks?
Since physical access is required for BrutePrint attacks, the best way to protect our devices is to ensure they don’t fall into the wrong hands. Here are some key recommendations:
- Use complex passwords and regularly update your authentication method.
- Enable automatic locking to ensure your phone locks after a short period of inactivity.
- Always keep your device with you and avoid leaving it in public or accessible places.
- Enable location tracking and remote wiping to locate or erase data if your device is lost or stolen.
BrutePrint represents a new challenge to fingerprint security, though its effectiveness depends on physical access to the device. To protect ourselves, it’s essential to implement both digital and physical security measures and stay ahead of cyber threats.