Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks

Your fingerprints can be recreated from the sounds made when you swipe on a touchscreen — Chinese and US researchers show new side channel can reproduce fingerprints to enable attacks

Researchers claim they can successfully attack up to 27.9% of partial fingerprints.

h  ttps://www.tomshardware.com/tech-industry/cyber-security/your-fingerprints-can-be-recreated-from-the-sounds-made-when-you-swipe-on-a-touchscreen-researchers-new-side-channel-attack-can-reproduce-partial-fingerprints-to-enable-attacks

Fingerprint security

(Image credit: Pexels)

An interesting new attack on biometric security has been outlined by a group of

researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS). The attack leverages the sound characteristics of a user’s finger swiping on a touchscreen to extract fingerprint pattern features. Following tests, the researchers assert that they can successfully attack “up to 27.9% of partial fingerprints and 9.3% of complete fingerprints within five attempts at the highest security FAR [False Acceptance Rate] setting of 0.01%.” This is claimed to be the first work that leverages swiping sounds to infer fingerprint information.

Biometric fingerprint security is widespread and widely trusted. If things continue as they are, it is thought that the fingerprint authentication market will be worth nearly $100 billion by 2032. However, organizations and people have become increasingly aware that attackers might want to steal their fingerprints, so some have started to be careful about keeping their fingerprints out of sight, and become sensitive to photos showing their hand details.

Without contact prints or finger detail photos, how can an attacker hope to get any fingerprint data to enhance MasterPrint and DeepMasterPrint dictionary attack results on user fingerprints? One answer is as follows: the PrintListener paper says that “finger-swiping friction sounds can be captured by attackers online with a high possibility.” The source of the finger-swiping sounds can be popular apps like Discord, Skype, WeChat, FaceTime, etc. Any chatty app where users carelessly perform swiping actions on the screen while the device mic is live. Hence the side-channel attack name – PrintListener.

There is some complicated science behind the inner workings of PrintListener, but if you have read the above, you will already have a good idea about what the researchers did to refine their AFIS attacks. However, three major challenges were overcome to get PrintListener to where it is today:

  • Faint sounds of finger friction: a friction sound event localization algorithm based on spectral analysis was developed.
  • Separating finger pattern influences on the sound from a users’ physiological and behavioral features. To address this the researchers used both minimum redundancy maximum relevance (mRMR) and an adaptive weighting strategy
  • Advancing from the inferring of primary to secondary fingerprint features using a statistical analysis of the intercorrelations between these features and design a heuristic search algorithm
PrintListener
(Image credit: Huazhong University, Wuhan University, Tsinghua University, University of Colorado Denver)
Posted in Breaking News

About the Author
Stew Webb served in the United States Marine Corps and was Honorable Discharge. Stew was a Realtor-General Contractor-Home Builder until 3 car crashes in 2010-2011 (attempted murders see picture my Van on concrete barrier below Breaking News column) and is now disabled. Stew turned Federal Whistle blower - Activist of 39 years and has been a guest on over 4,000 Radio and TV Programs since September 18, 1991 and now has his own Radio Network http://www.stewwebb.com .Stew was responsible for the Congressional Investigations and Hearings that lead to the Appointment of Independent Prosecutor Arlin Adams in the 1989 HUD Hearings, the Silverado Savings and Loan Hearings Neil Bush Director, the Denver International Airport Frauds Hearings, the MDC Holdings, Inc. (MDC-NYSE) Illegal Political Campaign Money Laundering Colorado’s biggest case aka Keating 5 Hearings and the information provided that lead to the 2008 Illegal Bank Bailout. Stew was held as a Political Prisoner from 1992-1993 to silence his exposure by Leonard Millman his former in law with illegal charges of threatening harassing telephone calls charges which were dismissed with prejudice. Leonard Millman, George HW Bush, George W Bush, Jeb Bush, Neil Bush, Bill Clinton, Hillary Clinton, Larry Mizel, Phil Winn, Norman Brownstein, John McCain and Mitt Romney to name a few are all partners in what is known as the Bush - Millman - Clinton Organized Crime Syndicate. Leonard Millman (Deceased 2004) was member of the "Illuminati Council of 13". Larry Mizel is now in control of this Organized Crime Syndicate RICO. I have contributed to the following books: * “Defrauding America”, by Rodney Stitch * "Drugging America", by Rodney Stitch * “The Mafia, CIA and George Bush” by Pete Brewton * “The Oklahoma City Bombing Power of Politics”, by David Hoffman * “Bushwacked” by Uri Dowbenko * “Silverado Savings and Loan” by Steve Wilmsen * “Drugging America” by Rodney Stitch * I was instrumental in brokering a deal that has lead to Al Martin’s new book “The Conspirators”, www.almartinraw.com I have known Al since 1991, when I had to hide from the FBI who tried to jail me for exposing,“The Bush Crime Family-Denver Connection-King Pin Leonard Millman”, my former-father-in-law. @@@@@ (Your kind and generous contributions are much appreciated and needed, Please copy and paste the link below into your browser to contribute today thank you Stew Webb. https://www.paypal.com/paypalme/SWebb822 Contributions by mail: Stew Webb federalwhistleblower@gmail.com Phone: 785-213-0160)

flagususmcflag

Contact Stew Webb

785-213-0160

PO Box 13538
Overland Park, KS 66282

federalwhistleblower@gmail.com

http://www.stewwebb.com/contact/

I Stew Webb have contributed to the following Books

http://www.stewwebb.com/books/

Current Radio Programs

http://www.stewwebb.com/stew-webb-radio-4-2/

Charlene Renee More Breaking News 2100 Show

https://www.2100show.com






“NEW”
Stew Webb Whistle blower Chronicles Video


October 25, 2010 Attempted murder of Stew Webb by 2 goons working for FBI JTFG Joint Task Force Group Kansas City, Missouri, Click on the picture to see additional information and pictures.

I am on social security disability because of 3 car crashes,  2 were attempted murder of me.

Click on the picture below and read the Private Investigators report Grandview, Missouri Police covered up for the FBI with a false report.  This broke every vertebra in my neck.–Stew Webb

Attempted Murder of Stew Webb

Grandview, Missouri Police Obstruct Justice and tried to Cover up the car crash by FBI Stooges and Killers.

SEE: PROOF (Exhibits 1-22)

Stew Webb December 3, 2023 my story how I became a US Whistle blower

Copy and Paste the like below in your browser:

http://www.stewwebb.com/2024/02/07/stew-webb-december-3-2023-my-story-how-i-became-a-us-whistle-blower/

 

StewWebb-USMC-1971

 

Chatty Gargoyle at Denver International Airport


Larry Mizel and the Pro Jewish Mafia

Breaking News

Archives