Researchers from Tencent Labs and Zhejiang University have unveiled a new attack called “BrutePrint” that targets modern smartphones by brute-forcing fingerprints to bypass user authentication and take control of the device.
Bad news for Android smartphones: biometric fingerprint authentication faces a significant security problem that would allow some hackers to bypass this authentication method and gain access to your device. Thanks to a new joint report from Tencent Labs and Zhejiang University, we now know that it is possible to use “brute force” to unlock your smartphone.
Brute force attacks rely on repeated attempts to crack codes or passwords and gain unauthorized access. Here, Chinese researchers successfully circumvented smartphone protections against brute-force attacks by exploiting two zero-day vulnerabilities: Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL).
Your Android smartphone is not as secure as we thought
The researchers found that the biometric data on the serial peripheral interface (SPI) of the fingerprint sensors was not sufficiently protected, which made it vulnerable to a man-in-the-middle (MITM) attack, allowing the hijacking of fingerprint images.
To execute a BrutePrint attack, the attacker needs physical access to the target device, a database of fingerprints, which can be obtained from academic datasets or biometric data leaks, as well as equipment costing only around $15. Unlike password cracking, fingerprint matches use a benchmark threshold, which allows attackers to manipulate the false acceptance rate (FAR) in order to increase the acceptance threshold and increase their chances of success.
Using a flaw in Android, hackers are able to inject a checksum error to prematurely abort the authentication process, and perform an unlimited number of fingerprint attempts without the device recording failures. The final element of the BrutePrint attack is to use a “neural-style transfer” system to transform all fingerprint images in the database to resemble scans from the target device’s sensor, which increases the chances of success.
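The unrecorded-failure problem described above comes down to when an attempt is counted. The following is an added illustration, not code from the researchers or from Android: a simplified model in which the class names, the outcome values and the limit of 5 attempts are all assumptions, comparing a limiter that counts only explicit mismatches with one that charges every attempt before matching.

```python
from enum import Enum


class Outcome(Enum):
    MATCH = "match"
    NO_MATCH = "no_match"
    ERROR = "error"  # attempt aborted before a verdict, e.g. by a checksum error


MAX_ATTEMPTS = 5  # assumed lockout limit for this model


class CountOnFailLimiter:
    """Weak design: only an explicit NO_MATCH verdict is recorded."""

    def __init__(self):
        self.failures = 0

    def submit(self, outcome):
        if self.failures >= MAX_ATTEMPTS:
            return "locked"
        if outcome is Outcome.MATCH:
            self.failures = 0
            return "unlocked"
        if outcome is Outcome.NO_MATCH:
            self.failures += 1
        return "rejected"  # an ERROR falls through without being counted


class ChargeUpFrontLimiter:
    """Hardened design: the attempt is charged first; only a MATCH resets it."""

    def __init__(self):
        self.used = 0

    def submit(self, outcome):
        if self.used >= MAX_ATTEMPTS:
            return "locked"  # checked before any matching takes place
        self.used += 1       # aborted and failed attempts both stay charged
        if outcome is Outcome.MATCH:
            self.used = 0
            return "unlocked"
        return "rejected"


def attempts_processed(limiter, outcomes):
    """Number of submissions the limiter handled before refusing with 'locked'."""
    return sum(1 for o in outcomes if limiter.submit(o) != "locked")


# Constructed input: 100 attempts that all end in an aborted acquisition.
ABORTED = [Outcome.ERROR] * 100
```

With the constructed input, the first limiter processes all 100 aborted attempts while the second stops after 5.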
iOS smartphones are more resistant to these attacks
The researchers conducted experiments on ten Android and iOS devices and found that they were all vulnerable to at least one flaw. While Android devices allowed an infinite number of fingerprint attempts, iOS devices have proven to be more robust in preventing brute force attacks.
BrutePrint raises concerns about device security and privacy. Although the attack requires prolonged access to the target device, it can prove invaluable to thieves and law enforcement, as it potentially allows criminals to unlock stolen devices and extract private data. The use of these techniques in investigations also raises ethical issues and may violate the right to privacy.