Biometric authentication on smartphones can be as simple as using a PIN code, fingerprint or 3D facial recognition and even sensors that map out the blood veins in the palm of your hand. But there are still ways to get around such measures, and one user found that he could fool the in-display fingerprint reader on his Samsung Galaxy S10 with a 3D print of his fingerprint.
In a post on Imgur, user darkshark outlined his project: he took a picture of his fingerprint on a wineglass, processed it in Photoshop, and made a model using 3ds Max that allowed him to extrude the lines in the picture into a 3D version.
After a 13-minute print (and three attempts with some tweaks), he was able to print out a version of his fingerprint that fooled the phone’s sensor.
The Galaxy S10’s fingerprint sensor doesn’t rely on an optical or capacitive fingerprint scanner that’s been used in other versions of the phone, using instead an ultrasonic sensor that’s apparently more difficult to spoof. darkshark points out that it didn’t take much to spoof his own fingerprint. A concern, he notes, is that payment and banking apps are increasingly using the authentication from a fingerprint sensor to unlock, and all he needed to get into his phone was a photograph, some software, and access to a 3D printer. “I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it,” he writes.
