Could flashing the “peace” sign in photos lead to fingerprint data being stolen?
Foreign and domestic media outlets as well as Facebook posts are reporting that photos of one’s fingers flashing either a “peace sign” or “victory sign” are so high resolution today that hackers are capturing them and using the images for identity theft.
This all started on January 9th when researchers at Japan’s National Institute of Infomatics raised alarm bells over the popular 2 fingered pose.
Fingerprint recognition technology is becoming widely available to verify identities, such as when logging on to smartphones, tablets, laptop computers and electronic door locks.
The proliferation of mobile devices with high-quality cameras and social media sites where photographs can be easily posted is raising the risk of personal information being leaked, reports said.
The NII researchers were able to copy fingerprints based on photos taken by a digital camera three metres (nine feet) away from the subject.
“Just by casually making a peace sign in front of a camera, fingerprints can become widely available,” NII researcher Isao Echizen told the Sankei Shimbun newspaper.
Fingerprint data can be recreated if fingerprints are in focus with strong lighting in a picture. Advanced technology was not necessary and anyone could easily copy fingerprints.
Now “whisper around the world” as media outlets caught this story which they embellished as they reported it with headlines such as the following:
How YOUR selfies are allowing crooks to steal your identity… by zooming in on your FINGERS
HD lenses mean thieves can replicate your fingerprints
Celebrities most at risk, but fraudsters could hack smartphones and workplaces.
Although the articles routinely referenced “identity theft” (commonly interpreted to mean unauthorized use of financial accounts and personal identification documents), they also described hypothetical situations in which a fingerprint passcodes could potentially be replicated. In those instances, the “hackers” would require both a rendering of the fingerprints and personal devices belonging to their targets (such as a smartphone or point of sale access) to do any damage.
No evidence has been presented to demonstrate that hackers are currently using photographs to duplicate fingerprints in order to commit crimes or steal identities. The professor quoted on the possibility works with a laboratory that is developing a technology to secure fingerprints, and noted that technology of any sort was not necessary to copy them, as people leave them on surfaces throughout the day.
While the possibility exists that devices could potentially be compromised in this manner, the exaggerated headlines made the threat sound more plausible and immediate than it really is.