Police Ask 3D Print Lab to Replicate Dead Man's Finger to Unlock Phone

[PinkyMacGodess]

In curious now, how did someone do it?

It took a while, but someone managed to do it. I remember the day. He was pissed. He didn't show up for a few days, and when he finally did, he wasn't quite the same. Very much more paranoid, as if he wasn't before. We all took it as a joke. He practically asked for it to happen. After that, the 'guilty' party stayed anonymous. I never found out who did it, and I doubt that he ever knew. The admin of the system wasn't amused, in public. But anyway...

Similar story that happened on a cruise on the Windjammer fleet. There was a fireman who was with a few other couples from the same area. The cruise company didn't have locks on the cabin doors (It was nearly 25 years ago now) and this guy, a 'prankster', was popping into the other couple's cabins and 'short sheeting' their beds. He thought it great fun! His guffaws could be heard across the entire ship at brekkies. UNTIL the others paid him back. I helped by serving as a lookout as they carefully 'altered' their bed. There was no laughing at breakfast that next morning. No joyful teasing back and forth. They didn't show for brekkies, and were largely absent that day. I think they actually left the ship at the next port. Talk about stupidity. If you can dish it, you better be able to accept it, or expect it...

Anyway, it's still funny when I see that sort of thing happen.

 

[kdarling]

Even without the lockout period, I don't think a 3D printed finger with metallic secret sauce will unlock the iPhone. We'll see, but that's my prediction.

As someone else noted, it's already been done many times, starting just after Touch Id came out.

In fact, the method to make a fake finger mold to fool this kind of sensor has been known since the turn of the century (I just love using that phrase). That's partly why fingerprint sensors fell out of favor with professional smartphone makers long ago.

Apple was smart enough to realize that it's still "good enough" for the majority of mass consumers, and brought it back.

Won't be long before criminals start kidnapping people to just get 3D scans of the victims fingers to be used later in some criminal act.

Heck, it's already been shown that a high resolution photo taken with a telephoto lens can be used to create a fake print as well.

It's not rocket science. The sensor is simply reading the differing RF values passed through layers of ridges and valleys and pores. Thus a fake fingertip with similar 3D topography, often simply licked to make it conductive to the Touch Id transmitter ring, works fine.

A more secure sensor would also watch for blood pulses, temperature, etc. But that would hugely slow down the recognition speed... and Touch Id is about convenience.

Anyway, this and the fact that fingerprints are registered by whomever has the phone PIN, not by an in-person validation by say, a bank, is why Touch Id and similar sensors are not proof that the print was of the actual phone owner. But it's good enough for most cases.