Check the fingerprint scanner. If Touch ID doesn't recognize your finger well, try this

What is a fingerprint and how can you fool a fingerprint scanner? Essentially, an imprint is papillary patterns on the skin. That is, protrusions and recesses that form a certain pattern. Each person has their own, individual ones.

Formation of papillary patterns

The formation of such patterns occurs around the 12th week of the fetus. At the same time, the nervous system is also formed. The pattern is influenced by many factors. This includes the position of the fetus in the womb, the genetic code, the state of the environment, the mother’s diet, and much more.

The pattern can be restored with minor damage to the epidermis. In this article we will look at whether and how it is possible to fool the fingerprint scanner, as well as how it works on modern phones.

Determining a person's identity by his fingerprint is one of the most reliable methods of identification. More accurate methods include only DNA analysis and retinal scanning.

How does a fingerprint scanner work?

The fingerprint scanner must do two things:

Get pattern image
Check if it matches the fingerprints in the database.

Scanning

Smartphones are now equipped with optical scanners. The principle of their operation is similar to that of a digital camera. A matrix of LEDs illuminates the pattern itself, and a microcircuit of light-sensitive LEDs takes a picture at this time.

When light hits an LED, it produces an electrical charge. Thus, a pixel is formed in the future image of the pattern. The color of the pixel varies depending on how much light hits it.

Pixels of different intensities form a pattern. Before matching the print with the database, the scanner checks the brightness and clarity of the image. If the results are unsatisfactory, the entire image acquisition process is repeated.

Fingerprint analysis

The resulting image is analyzed by software. Recognition occurs using complex algorithms.

All patterns can be divided into three main types:

arc,
loopback
helical.

Once the pattern type is determined, the scanner looks for minutiae. These are the places where the pattern line ends. For example, a line breaks or splits. The uniqueness of a fingerprint lies in the minutes. The scanner recognizes how the minutes are positioned in relation to each other. To do this, the entire drawing is divided into small zones. Each section includes a certain number of minutes. Their location data is recorded.

Similar areas of the fingerprint and database under study are analyzed. If the patterns are the same, the owner of the fingerprints is the same person. The scanner does not compare absolutely all lines of the pattern. It only looks for similar patterns in blocks and draws conclusions based on this data.

Types of fingerprint scanners

There are two types of optical scanners:

Apple scanners (iPhone 5s and later) take a photo of your finger as it touches the phone's screen.
Another type of scanner takes multiple images at once while you swipe the screen. This scanner was used in Samsung Galaxy S5 smartphones. Later the scanner was replaced with the first type. It is more convenient, but at the same time more expensive, since you need to use a large matrix.

All scanners of this type have one drawback: scratches and dirt can damage it.

Surely, many have ever wondered how to fool a fingerprint scanner and is it even possible? The answer is yes. Of course, the company understands now and understood before when creating similar phone functionality that any biometric system can be deceived.

It is enough to make an impression of the phalanx of the finger and touch it to the scanner. In addition, the owner of the phone can be forced to place his finger on the device.

Apple has thought of some security measures for such cases. But still the method has a right to exist. Older iPhone models can be fooled by simply printing a high-resolution photo of your finger.

As you can see, there are several ways to fool the fingerprint scanner. Moreover, if this is difficult to do on iPhones, then on smartphones with Android OS the situation is much simpler.

With the release of the iPhone 5s, Apple offered users an alternative method of unlocking smartphones and protecting important data - a fingerprint scanner. Since then, the fingerprint reading mechanism has been used in all mobile gadgets of the Californian corporation, and has become one of the factors in the abandonment of the usual “Slide to unlock” gesture.

Despite the fact that Apple engineers are constantly improving existing solutions, sometimes they fail. For example, the Touch ID fingerprint scanner may refuse to read the data of the smartphone owner. In order for Touch ID to correctly perceive the iPhone owner’s fingerprint again, you need to do a few simple manipulations.

Enable Touch ID unlocking in Settings

Before you start looking for the cause of the Touch ID malfunction, you need to make sure that fingerprint recognition is enabled. To do this, go to Settings - General - Touch ID and password and check whether the ability to unlock the iPhone using a fingerprint is activated. To be sure, you can turn this option off and on again by moving the toggle switch.

Clear scanner

If the ability to unlock using a fingerprint is enabled, but the scanner does not respond, you can begin to find and solve the problem. The first step is to thoroughly clean the Touch ID scanner. Perhaps dust or other dirt has accumulated on it, particles of which prevent normal fingerprint recognition.

Update the operating system to the latest version

Apple releases a major update to iOS and macOS once a year. Throughout the year, less significant updates appear that correct minor errors in the operation of the software and hardware of devices. Perhaps the Touch ID fingerprint scanner is not working correctly due to outdated firmware. To update it you need to go to Settings - General - Software Update.

Correct finger placement

Sometimes the reason the Touch ID scanner doesn't work correctly is because your finger is placed incorrectly. You need to make sure that your finger completely covers the fingerprint scanner, that you don't remove your finger too quickly, and that the system has enough time to scan.

Adding more fingerprints

Apple has provided the ability to add five different fingerprints with which you can unlock your iPhone. These can be different fingerprints from the same person, then when you try to unlock you won't have to use only one finger all the time. It could also be the fingerprints of family members who may be using the device.

When adding new fingerprints, make sure that the system fully and correctly read and recognized them. A partially scanned fingerprint will not allow you to unlock your iPhone in the future.

It is also worth making sure that the smartphone recognizes the owner’s fingerprints during the cold season. To do this, you need to add one scanned in the cold to the list of recognized fingerprints. Since low air temperatures can partially change the fingerprint, making it narrower, a scanner that stores a regular fingerprint in its database may incorrectly perceive a frozen fingerprint.

What's true and what's not when it comes to fingerprint sensors and multi-factor authentication on mobile devices?

It seems that not a single day can pass without news of hacking. As more and more data about our personal and business lives is shared online, the Internet has become a target for many criminals and other miscreants trying to get their hands on valuable personal information or company secrets. This has made smartphones and personal computers very attractive targets for cybercriminals, which in turn has led to the use of fingerprint sensors as a means of reliably identifying the legitimacy of a device user.

However, there is a huge amount of misinformation associated with fingerprint sensors. Therefore, it is time to study the facts about these sensors and see if the belief that they can be easily hacked is wrong.

1. A fingerprint is easy to fake.

Not true. Despite what you see in movies or demos from security vendors, spoofing a fingerprint through high-resolution photography or latent fingerprint recovery is extremely difficult. This technique is called a “spoofing attack” and is a technical challenge. Very few criminals would use this method, and if they did, it would only be to gain access to sensitive data, not to the average user's computer.

The main reason this Myth #1 exists is that demonstrating spoofing is very easy if you are a willing participant. With a lot of practice and a lot of patience, it is possible to create an imitation of your fingerprint by carefully making a mold from various materials such as glue and clay. But even this is not at all simple, and is made even more difficult by the constant emergence of new anti-spoofing algorithms.

2. Optical sensors are less secure than capacitive sensors because they store the actual image of the fingerprint.

Not true. A smartphone or PC that respects basic privacy and security principles will never store a complete image of your biometric data. They transform the data into a "template" where some parameters are retained and the rest are discarded. Then, when storing the abstracted data, the template is encrypted.

Since the template only stores certain information about the scanned image, and not the image itself, it is not possible to recover a fingerprint from the template. Therefore, even if the fingerprint template is somehow extracted, decrypted and read, this information will be useless to reconstruct the image of the original fingerprint. This basic principle applies to both optical and capacitive sensing technology.

3. If an attacker gets your fingerprint from your phone or computer, they can use it to access your phone.

Not true. As stated in Myth #2, the fingerprint image will not be saved in your PC or smartphone. And if fingerprints are not saved, then they cannot be stolen from your device.

4. Multi-factor biometric authentication in mobile devices is complex and expensive.

Partially true. This is easy because many mobile devices already have fingerprint sensors and front-facing cameras, so expect to see rapid growth in the use of multi-factor authentication based on your fingerprint or facial image (Figure 1). Other combinations will likely follow, including retinal and voice recognition.

The difficulty is that combining multiple biometric parameters into a single trust criterion is a complex combination of science and art, and the algorithms for this must be carefully tested. However, you can expect them to be available in the very near future. Ultimately, we will see a robust ecosystem supporting universal multi-factor authentication across platforms and applications.

5. Contextual factors are not enough to ensure mobile device security.

True, but... it must be said that contextual factors alone are not enough to ensure the security of a mobile device. When combined with biometric authentication, they can be part of an overall very strong and user-friendly solution. For example, modern smartwatches can remain unlocked as long as you don't take them off. In the future, your device will be able to use contextual factors such as location, proximity, room conditions, etc. to remain unlocked as long as you are in your office or authorize transactions without additional authentication.

6. Fingerprint sensors should be on the Home button or on the back of the smartphone.

Not true. Fingerprint sensors come in a wide range of designs, including thin sensors that can be placed in the power button on the side of the phone. In addition, the new sensors can detect fingerprints while working under the protective glass of the screen, allowing you to remove the Home button and use the entire surface of the smartphone for the display. And in the future, we will see solutions where any area of the screen can effectively scan fingerprints. (Please note that the fingerprint sensor of the smartphone shown in Figure 2 is located behind the glass of the screen).

7. Biometric authentication is for security purposes only.

Not true. There are many ways in which this information can be effectively used once the user's identity has been established. For example, it can be used to customize the user interface or to take into account user preferences. Here's an example: Scanning a fingerprint on the engine start button sets seat positions, mirrors and infotainment options to suit the user's needs (or can even be used by the insurance company, car rental company, etc.). Scanning your fingerprint in a Smart Home can unlock doors, turn on preferred lighting and mood-setting music, and restrict access to certain features or areas of the home (when shown to a buyer).

8. Optical sensors are too large and consume too much power to be used for fingerprint scanning in mobile devices.

Not true. Nowadays, technological advances have made optical sensors miniaturized and efficient enough to be used in mobile devices, and they will be supplied in industrial quantities in the near future. And even better, some optical sensors create a deeper image of the fingerprint, allowing you to obtain more detailed information about the fingerprint that will be used in the template.

9. All fingerprint scanning solutions are the same, so price is a deciding factor.

Not true. Fingerprint sensor suppliers offer vastly different solutions, covering different technologies (e.g. capacitive and optical), different levels of security, a variety of design options, a wide range of power consumption and durability characteristics, and especially software solutions.

This is not just a hardware fingerprint sensor. This is a two-pronged solution, where software and hardware work together as one, and both elements must include security features. The quest for cheapness could result in phone makers or anyone in the mobile payments ecosystem being left out of the market if proper security measures are not in place.

10. Biometrics are too complex and expensive for use in enterprise environments.

Not true. Fingerprint-based solutions in enterprise environments are more secure than typical username and password configurations. They also eliminate cumbersome password changes and IT support calls, making them easier to maintain and support. In today's cloud-based business world, where devices can connect to corporate networks anywhere in the world, this is very important. Additionally, legacy personal computers without biometric support can easily be upgraded with one of the peripheral fingerprint sensors on a USB key or a mouse with a built-in fingerprint sensor.

11. Encryption is sufficient to protect the fingerprint template.

Not true. The purpose of encryption is to protect the template file while it is stored, typically in small non-volatile memory. However, there are many cases where the pattern must be deciphered primarily during the matching process. During such operations, the template must also be protected.

In some cases, the security architecture will be a trade-off between security and cost. Such decisions include:

Match in host:
A control processor is used to verify the fingerprint match.
Protected element:
Fingerprint matching is performed by a separate integrated circuit, usually with its own secure memory.
Match in sensor:
The entire matching algorithm and memory are built into the fingerprint sensor itself. It should be noted that the "sensor match" architecture ensures a secure startup of the personal computer by preventing the system from booting before fingerprint authentication is confirmed.

So what is a fingerprint scanner?

This is a type of biometric security technology that uses a combination of hardware and software methods to recognize a user's fingerprint. It identifies and authenticates a person's fingerprints to allow or deny access to a smartphone, app, and other places that need protection from unwanted interference. There are many other ways to protect personal information, such as: biometrics, iris scanning, retinal scanning, facial feature scanning, and so on, right down to a special blood or gait test. By the way, gait analysis was demonstrated in the Mission Impossible film series with Tom Cruise. Some smartphones even use an iris scanner, but the implementation of this feature is naturally far from ideal. Why a fingerprint scanner? It's simple: fingerprint scanning boards are quite cheap and easy to manufacture and use. Touch the scanner and your Redmi Note 3 is instantly unlocked and ready to use.

Just as there are different types of biometric security technologies, the types of fingerprint scanners have different technologies and implementation methods. There are three types of fingerprint scanners:

Optical scanners;
Capacitive scanners;
Ultrasound scanners.

Optical scanners

Optical fingerprint scanners are the oldest method of capturing and comparing fingerprints. As you might guess from the name, this method is based on capturing an optical image of a fingerprint. Essentially, it is a photograph of a fingerprint that, once captured, is processed using special algorithms to detect unique patterns on the surface, such as ridges and unique curls, by analyzing the lightest and darkest areas of the image.

Just like a smartphone camera, these sensors have a finite resolution and the higher the resolution, the finer pattern details the sensor can discern on your finger, the greater the security. However, these sensors have much higher contrast than a typical camera. They typically have a very high number of diodes per inch to capture images at close range. But when you put your finger on the scanner, its camera doesn’t see anything, because it’s dark, you object. Right. Therefore, optical scanners also have entire arrays of LEDs as a flash to illuminate the scanning area. Obviously, this design is too bulky for a phone, where the thinness of the body plays an important role.

The main disadvantage of optical scanners is that they are quite easy to fool. Optical scanners only capture 2D images. Many have seen how, with the help of simple manipulations with the same PVA glue or simply with a high-quality photograph, a scanner is hacked and access to your important documents or cats is obtained. Therefore, this type of security is not suitable for smartphones.

Just as you can now find smartphones with resistive screens, you may also find optical fingerprint scanners. They are still used in many areas, except those where real security is needed. Recently, with the development of technology and the increasing demand for more serious security, smartphones have unanimously adopted and are using capacitive scanners. They will be discussed below.

Capacitive scanners

This is the most common type of fingerprint scanner today. As the name suggests, the capacitor is the main scanning module in a capacitive scanner. Instead of creating a traditional fingerprint image, capacitive scanners use arrays of tiny capacitor circuits to collect fingerprint data. Capacitors store electrical charge and, if you place your finger on the surface of the scanner, the amount accumulated in the capacitor will be slightly changed in those places where the ridge on the pattern touches the plate, and will remain relatively unchanged where the depressions on the pattern are opposite. An op-amp integrator circuit is used to track these changes, which can then be recorded by an A/D converter.

Once the fingerprint data has been captured, the data is converted into digital data and searched for distinctive and unique attributes of the fingerprint, which in turn can be stored for comparison at a later stage. The main advantage of this technology is that it is much better than optical scanners. The results of the scan cannot be reproduced with the image and it is incredibly difficult to deceive using prosthetics, that is, a cast of the fingerprint. As written above, this is because when a fingerprint is recognized, slightly different data is recorded, namely, changes in the charge on the capacitor. The only real security threat comes from any hardware or software tampering.

Capacitive fingerprint scanners use fairly large arrays of these capacitors, usually hundreds, if not thousands, in one scanner. This allows for a highly detailed image of the ridges and valleys of the fingerprint. Just like in optical scanners, a larger number of capacitors provides a higher scanner resolution, increasing the recognition accuracy and, accordingly, the level of security, down to the recognition of the smallest dots.

Due to the larger number of components in the fingerprint recognition circuit, capacitive scanners are usually slightly more expensive than optical scanners. In early iterations of capacitive scanners, many manufacturers tried to reduce cost by reducing the number of capacitors needed for fingerprint recognition. Such solutions were almost always not very successful and many users complained about the quality of recognition, because they had to put their finger on it several times to scan the fingerprint. Fortunately, these days this technology has already been perfected and even a fastidious user will be satisfied. It is worth noting that if your finger is dirty or too wet/greasy, then the capacitive scanner will sometimes not be able to recognize the fingerprint. However, do they still wash their hands? :)

Ultrasound scanners

Ultrasonic fingerprint scanners are the latest in fingerprint recognition technology at the moment. This type of scanner was first used in the Le Max Pro smartphone. This phone uses technologies from the American company Qualcomm with its Sense ID.

An ultrasonic scanner uses an ultrasonic transmitter and receiver to recognize a fingerprint. The ultrasound pulse is transmitted directly to the finger, which is placed in front of the scanner. Some of this impulse is absorbed, and some returns to the receiver and is further recognized depending on the ridges, valleys and other details of the fingerprint that are unique to each finger. In ultrasound scanners, a sensor that detects mechanical stress is used to calculate the intensity of the returning ultrasonic pulse at various points on the scanner. Scanning for a longer period of time allows for additional fingerprint depth data to be captured, resulting in highly detailed 3D images of the scanned fingerprint. The use of 3D technology in this scanning method makes it the safest alternative to capacitive scanners. The only disadvantage of this technology is that at the moment it has not yet been developed and is too expensive. The first smartphones with such scanners are pioneers in this area. For the same reason, Xiaomi did not use an ultrasonic scanner in its flagship Mi5.

Fingerprint processing algorithms

Although most fingerprint scanners are based on very similar hardware principles, additional components and software can play an important role in fingerprint recognition. Different manufacturers use several different algorithms that will be most “convenient” for a specific processor model and operating system. Accordingly, the speed and accuracy of identifying key fingerprint characteristics may vary between manufacturers.

Typically, these algorithms look for where ridges and troughs end, intersect, and split into two. Collectively, the features of a print's pattern are called “minutiae.” If the scanned fingerprint matches several “little things”, it will be considered a match. What is this for? Instead of comparing entire fingerprints each time, minute-by-piece comparisons reduce the amount of processing power required to process and identify each fingerprint. Also, this method helps to avoid errors when scanning a fingerprint and, most importantly, it becomes possible to place your finger incompletely. You never put your finger exactly right, do you? Of course not.

This information should be stored in a secure location on your device and far enough away from code that could potentially compromise the reliability of the scanner. Instead of storing user data online, the processor securely stores fingerprint information on the physical chip in a TEE (Trusted Execution Environment). This secure zone is also used for other cryptographic processes and directly accesses security hardware platforms, such as the same fingerprint scanner, to prevent any software surveillance and any intrusion. These algorithms may differ from one manufacturer to another or may even be organized differently, for example, Qualcomm has the Secure MCM architecture, and Apple has the Secure Enclave, but they are all based on the same principle of storing this information in a separate part of the processor.

Fingerprint scanners have become a fairly secure alternative to remembering countless logins and passwords, and for secure payment transactions, scanners will eventually become a very common and important security tool.

Products that may interest you:

Global Version means that the product is released for the global market and meets international quality standards.

Rostest is a certification mark that guarantees that the device complies with all Russian norms and standards for environmental protection and user health. This sign does not imply any additional differences or advantages over other devices.