Video: Digital fingerprints can be hacked, too

No security system is foolproof, but this is an unlikely target for ID thieves


Fingerprints have become our new passwords, unlocking smartphones and other devices that have become payment gateways.

In some countries, major credit card companies have even issued physical cards that use your fingerprint as a security measure instead of a PIN.

But, how hard is it to hack your fingerprint?

Not very, according to a German biometric expert and member of the Berlin Chaos Computer Club, which specializes in detecting security vulnerabilities. Starbug, as he refers to himself, put a video online that shows him lifting a fingerprint from a smartphone and then creating a copy that he uses to log in.

But in a phone call we made to Starbug -- enabled with a thumbprint of course -- he said there's no need for panic.

"It definitely won't happen to normal people," says the biometric security expert. "You lose your phone on the street and no one will try to get the data because the people won't know you and they don't have information on you."

Though his video shows how fast someone can make a copy fingerprint with inexpensive materials and access to a high-quality printer, Starbug believes they would only go to the trouble if they knew the value of the information on your phone. In other words, a suspicious spouse would be more likely to try this than a stranger who finds your phone on the street.

What about hackers accessing a database containing your fingerprint? Also not very likely, according to Dr. Brian Martin, director of biometric research at MorphoTrust USA, a company that specializes in biometric authentication technology.

"All of the biometrics that we spoke about, they actually start from an image," says Martin. "The biometric features are then extracted and stored as ones and zeros. These ones and zeros are sometimes encrypted and sometimes just mixed up and they are generally impossible to reverse engineer."

Nevertheless, other biometric authentication methods are on the way. For mobile payments, users may soon be able to identify themselves not only by touch but also through iris or facial recognition, a move Martin hopes will lead toward using multiple forms of biometric authentication to ensure no one, including masters of the trade like Starbug, can get to your personal information.

See related:  If we go to biometric IDs, will hackers try to steal your face? Biometrics: Your body could be your next password, Credit card fraud and ID theft statistics

Join the discussion
We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, do not disclose confidential or personal information such as bank account numbers or social security numbers. Anything you post may be disclosed, published, transmitted or reused.

If you are commenting using a Facebook account, your profile information may be displayed with your comment depending on your privacy settings. By leaving the 'Post to Facebook' box selected, your comment will be published to your Facebook profile in addition to the space below.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

Weekly newsletter
Get the latest news, advice, articles and tips delivered to your inbox. It's FREE.

Updated: 03-26-2019