Professor Isao Echizen, with Japan's National Institute of Informatics (NII), stated that, so long as the photo is close, in focus, and reasonably well lit, it is possible for software to acquire fingerprints and use the image to steal a person's identity. The researchers found the best results came from photographs of people flashing the peace sign.
Unlike a password, which can be changed, fingerprints put a victim's identity at risk for life. "We shed physical biometric data wherever we go, leaving fingerprints on everything we touch, posting selfies on social media, and videos with friends and family. Much of this information can then be captured by fraudsters," according to biometrics expert Robert Capps, cited by The Telegraph.
"Once biometric data is stolen and resold on the Dark Web, the risk of inappropriate access to a user's accounts and identity will persist for that person's lifetime."
Fingerprints have come under fire in recent years as an unsafe method of identification, as they can be lifted from high-resolution photographs. A hacker demonstrated the ease of doing this in 2014, reverse engineering the fingerprint of German Defense Minister Ursula von der Leyen using publicly-available photographs.
Another hacker demonstrated the same action on German Chancellor Angela Merkel and on the Iphone's fingerprint security reader, using only household tools.
However, Echizen did not explicitly say that hackers are able to perform such a feat, only that they may be able to in the future. Jason Chaikin, president of biometrics company Vkansee, told Mashable that, "it's really not that easy" to steal a fingerprint by using a photographic image.
"If you have a picture that works, there's a real craft to being able to take that, size it, bring it into another application and print it out in the right scale with the right form and then transfer that to a mold to then make an impression."
He also pointed out that, in addition to a fingerprint, the hacker must have access to your device. A fingerprint does no good if a hacker does not also have the mobile device that the fingerprint biometrically protects. Even still, Chaikin says the problem will intensify in the future, causing biometrics companies to increase security standards.
Echizen said that his team has produced a prototype of a titanium film that covers one's fingers, to protect them from copying, but cautioned that the technology is two years away from the market. Another company, Goodix, is developing an improved fingerprint scanner that also scans the underlying tissue beneath the skin, in an attempt to improve biometric security.
