New hack clones fingerprints just by listening to fingers swipe screens

Researchers have figured out a novel method to crack biometric security measures (iStock/ Getty Images)
Researchers have figured out a novel method to crack biometric security measures (iStock/ Getty Images)

Researchers have figured out how to recreate a person’s fingerprints from just the sound they make while swiping a touchscreen.

The discovery, made by a team from the US and China, could have profound implications for biometric security systems that are used in everything from smartphones to door access locks.

The technique, called PrintListener, reconstructs the pattern of a finger’s papillary lines through the acoustic signals it generates as it slides across a screen.

Hackers could use the microphone found within the smartphone to record the sound and steal a victim’s fingerprint, according to the researchers.

“Due to its widespread use, fingerprint leakage may cause sensitive information theft, enormous economic and personnel losses, and even a potential compromise of national security,” the researchers noted in a paper detailing their findings.

“The attack scenario of PrintListener is extensive and covert. It only needs to record users’ fingertip friction sound and can be launched by leveraging a large number of social media platforms.”

Using PrintListener in “realistic scenarios”, the researchers were able to achieve a partial reconstruction of a person’s fingerprint 27.9 per cent of the time and a full reconstruction 9.3 per cent of the time.

The method was detailed in a research paper titled ‘PrintListener: Uncovering the vulnerability of fingerprint authentication via the finger friction sound’, written by the team from the University of Colorado in the US and Tsinghua University, Wuhan University and Huazhong University of Science and Technology in China.

Potential ways to protect against fingerprint cloning include specialised screen protectors on mobile devices, the researchers noted, though new sound analysis techniques could also be developed.

The best countermeasure to prevent fingerprints being stolen is to change the way we interact with smartphones and screens. “For example, users try not to swipe their fingers on the phone screen when making audio and video calls on social media platforms,” the paper noted.

The global fingerprint biometrics market is anticipated to be worth nearly $75 billion by 2032, according to a recent report from Allied Market Research, up from $21 billion in 2022.

The report also noted that the projection could be impacted by “operational concerns related to privacy and security”.