Biometric security systems such as fingerprinting, voice recognition, and iris scanning are based on unique physical traits and considered to be some of the most secure methods to verify the identification of a person. However, scientists from New York University (NYU) have recently created an artificial intelligence (AI) tool that can generate human fingerprints and dupe the biometric authentication system.
Fingerprinting technology is deployed in billions of mobile devices, especially smartphones, across the world as widely trusted and ubiquitous method of biometric authentication. With development of the new AI tool, even most secured methods are vulnerable to being compromised digitally, news reported. The findings have become a real concern as the fake fingerprint – developed using a neural network – was able to fool the touch-based authentication systems for one in five people.
Researchers compared the new ‘DeepMasterPrints’ to a master key that can unlock any door in the building. The prints employ AI to match large number of fingerprints stored in databases and could theoretically unlock numerous devices. In a previous research by NYU professor Nasir Menon, who coined the term ‘MasterPrint’, it was demonstrated that many fingerprint-based systems use partial fragments of a fingerprint, instead of full ones, to confirm an individual’s identity.
Several devices typically enable users to enroll various finger images, suggesting that matching any saved partial print would be enough to confirm the identity. However, the partial images of the fingerprints are much less likely to be unique and unchangeable. This allowed the researchers to stitch together different fragments in order to develop the ‘MasterPrints’ that are capable of matching partial prints stored in the database and trick the touch-based verification systems.
In the latest study, the researchers trained a machine-learning algorithm to synthesize fingerprints as MasterPrints. According to researchers, they are potential for attacking fingerprint-accessible devices where multiple finger images are stored.
Although fingerprint technology is regarded as strong method to secure a device or a system, most authentication system do not verify whether the prints are coming from a real person or a replica, lead author Phillip Bontrager said.
These experiments revealed that the ‘DeepMasterPrint’ could be potentially utilized on a large scale, indicating the need for multi-factor authentication systems on devices.