Mian Wei, a Chinese student at the Rhode Island School of Design, has created an experimental series of fake fingertips with randomly generated fingerprints that work with Apple and Android fingerprint authentication schemes, as well as many others.
Biometrics make for difficult authentication tokens. By their very nature, they tend to leak (as Wei points out, every Starbucks trashcan is filled with fingerprint-bearing cups that have their former owners' names on them), and once they do, there's no way to change them. As more entities demand the use of fingerprints from their users, the chances of one of those entities making a fatal error that leaks tens or hundreds of millions of fingerprints only increase.
Wei's prosthetic is called "Identity." Identity users are able to cycle out the fingerprints they use with authentication systems if they are worried that the old one has leaked. Though they were originally created for a year-end student show, Wei is now speaking to manufacturers about making them into consumer products.
In China, where Wei is from, citizens are required to register their fingerprints and it’s commonplace for people to lock their homes with fingerprint readers. “I think of the danger of fingerprint sensing as something we missed because of our craving for technological advancement,” he said.
Wei debuted his small, disposable finger prosthetic in May at a year-end RISD student exhibition. The Identity pad is made from a conductive silicone-based material, containing fibers that form an impression that will be accepted as a fingerprint on any consumer-grade fingerprint sensor.
Fake fingerprints: The latest tactic for protecting privacy
[Joshua Kopstein/CS Monitor]
The CBC asked me to write an editorial for their package about Canadian identity and politics, timed with the 150th anniversary of the founding of the settler state on indigenous lands. They’ve assigned several writers to expand on themes in the Canadian national anthem, and my line was “We stand on guard for thee.”
In a paper for IEEE Security, researchers from Cyberpion and Israel’s College of Management Academic Studies describe a “Password Reset Man-in-the-Middle Attack” that leverages a bunch of clever insights into how password resets work to steal your email account (and other kinds of accounts), even when it’s protected by two-factor authentication.
U.S. Girl Scouts as young as 5 years old will soon be able to earn their first-ever cybersecurity badges. 18 of these merit patches will be launched by the Girl Scouts of the USA starting in September, 2018.
If you struggle to get a good night’s rest, consider replacing your pillows before dropping hundreds on a new mattress. You can give your tired neck a break with a 2-pack of memory foam pillows, available now in the Boing Boing Store.Each of these pillows is stuffed with cooling polyurethane foam that molds to your […]
Although flagship smartphones are unlikely to adopt heavy-duty outer casing anytime soon, you can always prepare your device for the outdoors with a beefy case and and an external battery like this Nomad Tile Trackable PowerPack, available in the Boing Boing Store for $119.95.The Nomad Tile can fully recharge an iPhone 7 over three times […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]