Today biometric systems are becoming mainstream. They can be·
found everywhere. In mobile phones, computers, entrance systems even in ATMs.
Because of the low costs, small sizes and the alleged maturity mostly
fingerprint sensors are used. But contrary to the assurance of the
manufacturers they are still very easy to hack with techniques invented
three years ago (see
The capacitive sensors built into the new generation of Thinkpad
computer from IBM / Lenovo were one of the first implementing countermeasures·
against this type of dummies. But counter measures only lead to new types of·
Using this fingerprint system as an Example I want to explain the different
techniques of hacking biometric systems, from the attack on the
communication and the stored reference data to the direct hack of the sensor·
itself. The talk will present tools and ways to extract communication data to
enhance dummy materials and a step by step approach to the final dummy finger·
that will defeat the sensor.