Skip to main content

Now researchers can fool fingerprint scanners with an ordinary inkjet printer

Mobile Phone Fingerprint Spoof Attacks
The dawn of the fingerprint sensor finally brought convenient security to our smartphones, or so we thought. Researchers at Michigan State University, however, were able to demonstrate how an inkjet printer can print a 2D image of a fingerprint in order to unlock smartphones.
Recommended Videos

The secret is in the ink and paper. You’ll need to use silver conductive ink, which is designed to print circuit boards, and a special paper designed for printing electric circuits. The researchers used AgIC silver conductive ink cartridges, as well as AgIC conductive paper. The cartridges come in a three-pack and replace the Yellow, Magenta, and Cyan colored cartridges in the inkjet printer.

This method really isn’t new, but it’s a more efficient version of how it was done in the past.

The other major step is grabbing the fingerprint itself. The fingerprint image was achieved by scanning a finger at least 300 dots per inch (dpi), followed by reversing the image in a horizontal direction.

Once printed, it’s a simple as cutting the paper down to a little larger than the fingerprint itself. The experiment involved placing the small piece of paper with the printed fingerprint on the sensors of the Samsung Galaxy S6 and Huawei Honor 7. As you can see in the video above, the printed fingerprint easily unlocked the devices.

The report implies this method can be done on most smartphones with a fingerprint sensor, but an iPhone was never used in the demonstration. The researchers said newer phones might not be able to be spoofed, but they didn’t get into specifics.

This method really isn’t new, but it’s a more efficient version of how it was done in the past. Scanning a fingerprint is the easy part, assuming you have the finger, but the printing process was more tedious. Previous methods involved printing a 2.5D image using latex milk or white wood glue. The problem is that it took 20 to 30 minutes for it to dry, whereas silver conductive ink is instant.

Huawei Honor 7
Huawei Honor 7 Image used with permission by copyright holder

The researchers hope this experiment will persuade smartphone manufacturers to develop better anti-spoofing techniques. However, they warn that even if better techniques are released, hackers will likely develop improved strategies to thwart those newer systems. Isn’t that the cycle of hacking?

Now before anyone goes into a panic, there are a lot of things that need to go right before anyone can do this to your phone. The first thing is they have to know you as the owner of the phone in order to get a clean image of your fingerprint. Scanning a finger is by far the best method, but it’s unlikely a hacker will able to trick you into placing your finger on an image scanner.

However, it’s possible a fingerprint could be lifted off of the device. The report mentions how Germany’s Chaos Computer Club was able to lift fingerprints off of the iPhone’s glass surface by taking a picture or scanning it at 2400 dpi or higher. However, this shouldn’t be mistaken for stealing the fingerprint that’s actually saved on the phone’s memory itself, it’s merely taking a picture of a smudged fingerprint that’s left behind. I will let you be the judge as to the chances that a hacker would be able to get a clear image of your fingerprint off of your device at any given time.

It should also be noted that AgIC’s cartridges only work on specific Brother printers, which have been discontinued. Obviously used models are available online, but a hacker would need to deep clean the heads several times in order to remove any residue left from the colored cartridges.

It’s possible the conductive ink could be used to fill other branded inkjet cartridges, but Steve Hodges, head of the sensors and devices group at Microsoft Research in Cambridge, prefers Brother printers because they are known to eject higher volumes of ink per nozzle than other brands. We haven’t seen similar tests using other printer brands, so it’s unclear if they can be used.

So using this method could potentially give a hacker access into your phone, but it won’t be easy. If it were, the FBI wouldn’t need Apple to unlock phones. Plus, you always have the opportunity to remote wipe your device before anyone can break into it.

Robert Nazarian
Former Digital Trends Contributor
Robert Nazarian became a technology enthusiast when his parents bought him a Radio Shack TRS-80 Color. Now his biggest…
Google responds to complaints about Pixel 6 fingerprint sensor
Side view of the Google Pixel 6 Pro.

Owners of Google’s new Pixel 6 smartphone have been complaining about the slow response time of its in-screen fingerprint sensor, or its failure to work at all.

That’s a real pain in the neck (or finger) when you’re left prodding the display in an increasingly desperate bid to access your new Google handset, with many owners ending up having to tap in their PIN.

Read more
You can now move WhatsApp messages between Apple’s iPhones and Google’s Pixels
Google Pixel 6 Pro in Sorta Sunny color.

Switching between iPhones and Android phones has never been easier, with both operating systems offering tools to move your apps and as much data as you can between devices. Now, Google just made the switch even more painless as it now lets you transfer WhatsApp chats between iPhones and Pixels with a new update.

Despite SMS and iMessage's popularity in the U.S., WhatsApp remains a widely used messaging app in every other country. While the service makes moving to new phones in the same ecosystem seamless, it's often been impossible to switch between devices running on different operating systems. A switch between an iPhone 8 to an iPhone 13 might work fine, but trying to move your WhatsApp account to a Pixel 6 would mean leaving all your messages behind.

Read more
The Moto 360 and other older Wear OS watches can now download YouTube Music
Moto 360 watch face

Google is further expanding YouTube Music's availability on Wear OS to even more older watches. The company initially launched the app on Wear OS 3, with exclusivity to the Galaxy Watch 4, but rolled it out to a selection of older smartwatches powered by the Snapdragon Wear 4100 platform last month. A new report notes that smartwatches like the Moto 360 can now get it, too.

Google has confirmed the expanded selection, but the company did not share exactly which watches were eligible. Instead, Wear OS users are encouraged to check the Play Store and see if their device is eligible. As it has been seen on the Moto 360 and TAG Heuer Connected watches, 9to5Google speculates it could be rolling out to watches powered by the Snapdragon Wear 3100. This should encompass quite a few Wear OS watches, including the Fossil Gen 5, the Montblanc Summit, and the Suunto 7.

Read more