2018 Volume E101.D Issue 1 Pages 2-12
Advances in fingerprint authentication technology have led to it being used in a growing range of personal devices such as PCs and smartphones. However, they have also made it possible to capture fingerprints remotely with a digital camera, putting the target person at risk of illegal log-ins and identity theft. This article shows how fingerprint captured in this manner can be authenticated and how people can protect their fingerprints against surreptitious photography. First we show that photographed fingerprints have enough information to spoof fingerprint authentication systems by demonstrating with “fake fingers” made from such photographs. Then we present a method that defeats the use of surreptitious photography without preventing the use of legitimate fingerprint authentication devices. Finally, we demonstrate that an implementation of the proposed method called “BiometricJammer,” a wearable device put on a fingertip, can effectively prevent the illegal acquisition of fingerprints by surreptitious photography while still enabling contact-based fingerprint sensors to respond normally.