A video circulating on social media is warning users to stop making the victory sign in selfies, as hackers can copy fingerprints from pictures to steal their data. Here’s what cybersecurity experts are saying about the possibility.
The iconic V sign, symbol of victory, generally used to represent peace, is a fashionable gesture when people take pictures.
A clip widely shared on WhatsApp and other social networks warns, however, that people should give up the victory sign because hackers can make high-quality copies of fingerprints to crack phones’ security and steal data and money.
Experts consulted by Euronews analyzed how real this danger is.
In short, it is possible, but technically very difficult to implement such identity theft.
For now it is almost impossible
Hackers could, in theory, extract copies of our fingerprints from the selfies we post online, but only under very specific conditions, says Sarah Morris, professor of digital forensics at the University of Southampton: “We’re talking about the right lighting, the right camera , the right resolution, the right angle of the finger, the right proximity of the finger to the camera. We’re talking about very specific conditions here for this to work.”
“With most phones, getting that level of resolution holding your hand up when you’re quite far from the camera is going to be very, very difficult,” she added.
Frank Breitinger, associate professor of digital forensics and investigations at the University of Lausanne, came to a similar conclusion. “You can get sensitive information from images that are of good quality, but otherwise it’s hard. Even if you have it, reusing that data is even harder,” he said.
Many social media platforms reduce the quality of photos and videos transmitted or stored online, which acts as an additional shield that can help stop our data being stolen, the specialist says.
No matter how good the would-be hacker’s equipment and technology might be, if the source data doesn’t have enough detail, then the algorithm won’t be able to capture enough information to make exact copies of our fingerprints, Breitinger points out.
Even in a situation where the conditions are perfect for a cybercriminal, it is still highly unlikely that they have the technology to extract our biometric data from our photos – at least for now.
A hacker would likely use a software-based platform, possibly with artificial intelligence-based technology. He would use an algorithm to extract fingerprint information and then convert it into biometric data to use.
“As far as I know, this is not common software. It’s certainly not something I’ve come across and it would be difficult to obtain (…),” Morris said.
The fingerprint sensor is hard to fool
However, we must be aware of potential dangers when posting content online, especially as AI is evolving rapidly.
The video circulating on WhatsApp suggests precautions we can take to avoid becoming targets online, such as not showing clearly our fingertips in photos and using filters to blur any sensitive areas or information.
But Morris says that’s not necessary right now because the technology to extract biometric data simply isn’t that readily available yet.
Biometric data is usually stored locally, such as on the personal phone, so hackers would normally need physical access to the device to access it.
“Let’s say you want to crack my phone, which is protected with my fingerprint: you still need my phone,” he explained, pointing out that hackers would have to physically replicate the image into something that can be placed on their finger, for example a thin, almost invisible foil.
And it still wouldn’t be enough to succeed. “Most sensors are good enough to detect if something is artificial,” he said.
Expert advice for strengthening security
For crack-free cyber security, experts suggest that we watch out for clues and information we might unwittingly share in photos.
Morris said that public sources of information, where people can look at photos and infer where we are and what we’re doing from certain details of the streets or from books or posters that appear in the background, are often a much better way easy and more widespread access to personal data.
It’s also recommended to be cautious about sharing close-ups of eyes or using voice or face recognition software, instead of worrying about fingerprints, Breitinger says.
“Fingerprints are still one of the biometric features I trust the most. I’d be more worried about a deepfake or someone capturing my voice than someone stealing my fingerprint,” Breitinger said.
He also suggests avoiding sharing high-quality iris images online, as well as always using two-factor authentication to protect our accounts and data.
TD
Tags: Whatsapp message claims hackers copy fingerprints selfies experts
-
