I recently went through airport security on an international flight where they recorded my fingerprints.<p>Like many others, my smartphone can be accessed via biometric fingerprint login to reveal sensitive data such as email.<p>This got me thinking about the security implications for my smartphone. I'm curious about the potential risks and how secure my data really is after such an interaction. Even if a third party has my biometric fingerprint details, can I rely on how physical access to my phone is necessary to bypass the fingerprint lock?
You are already putting copies of your fingerprints everywhere, by just touching stuff.<p>Fingerprints, like all biometrics are not a secret like a password. The point is to assess your physical presence. When used with a phone, your fingerprints are not securing your data, the phone, as a physical device does ("something you have"). The fingerprint is a second factor ("something you are"), a way to make sure the device is in your hands and not someone else's hand.<p>Security depends on the sensor device. That is, how good it is a making a difference between your actual, live finger and something else.<p>If you are worried about the security of your phone fingerprint sensor, use a password. Your fingerprint itself is already available to anyone who cares.
In India the entire population gave their fingerprint to the government via a massive program called Aadhaar! [1]<p>This is mandatory for bank accounts, sim cards and what not. So its practically unlivable without Aadhaar these days.<p>[1] <a href="https://uidai.gov.in/en/" rel="nofollow">https://uidai.gov.in/en/</a>
I think the real issue would be physical access. With fairly high resolution 3d printers and a copy of your prints, I'm sure a replica of your prints could be created in a matter of minutes. Imagine you are at an airport and customs wants to look at your phone. You refuse to unlock it. Depending on the country, they can compel you to do so. If you refuse to comply, if they have a copy of your prints they could just have a replica printed out. This is why there is usually a way to set your phone into a state where it requires a passcode, which in theory is more legally protected than biometrics (on an iPhone, hold the power button + volume up/down for a second until you get the screen to turn off / make an emergency call. Even if you now hit cancel the phone requires a passcode to unlock).
I'm not a security expert, but as far as I know, the fingerprint should only be used to identify a user (like a username), not authenticate.<p>Not sure about how much data any entity could leak but if you want to be sure, perhaps you can use a different method on your phone?<p>> Even if a third party has my biometric fingerprint details, can I rely on how physical access to my phone is necessary to bypass the fingerprint lock?<p>I think not, if the third party is a government.
Probably not worth worrying strictly about the info gathered by airport security unless you're a person of interest, either to that nation or it's allies. If you're that interesting to whoever, all bets are off. Plenty of other ways to get info off phone.<p>FWIW I really don't recommend just fingerprint for phone access. You can change a PIN if someone else gets a hold of it, there's not much you can do to change your fingerprints.
Fingerprint is never safe. I can just get your phone and it will be all covered with your fingerprints.<p>It's like sticking a note with a password on your computer :)<p>Personal protip:
I use fingerprint lock, but anything sensitive on my phone is blocked with extra pattern lock. With unlocked phone you can access my gallery but you cannot access bank apps. IIRC this will be the built in feature of next Android, I use Xiaomi smartphone which has many extra security features like this one since basically always. Maybe there is an app for this too, I don't know.<p>Of course this isn't 100% secure, I probably have USB Debugging unlocked, but at least saves me from a random person just grabbing my phone while I'm on a bus and running away with unlocked phone.<p>Before anyone asks "But aren't bank apps already locked with their own PIN codes?" - yes, they are. But some forces me to have 4 digits PIN only, some even suggests using fingerprint to unlock them (and for some I do). But I'm also blocking Google Play, a browser where I do the most private stuff, I could block a messenger app. Basic apps does not have extra security features.
If you're concerned about security, don't have all your sensitive information packed into a phone.<p>30 years ago much of the population was <i>concerned</i> about typing a credit card number into 'the internet'. Now we have a small, hackable, stealable, insecure by design device with bank, personal communications, business communications, social security, family photos and numerous more data depending on your choice of app. It's a great win of drip-drip <i>very convenient</i> <i>life is faster now</i> (it isn't, there's just more gap for not planning).
> Does airport fingerprinting compromise my biometric security?<p>Access by a criminal? probably not much - if they can get physical access to your phone, access to your fingerprint by social manipulation or threat isn't that hard.<p>Access by government agency that confiscates your phone? theoretically yes, but no more than using printed fingerprints on an arrest record or lifted from your home and printed so they can be used on your phone.<p>Access by a local sheriff/corrupt cop? a lot of hassle compared with getting access to your finger
Biometrics are a terrible choice for sensitive information:<p>* It is easier to push your thumb on a screen than to pry a password out of your head. (relevant XKCD: <a href="https://xkcd.com/538/" rel="nofollow">https://xkcd.com/538/</a>)<p>* You will leave fingerprints and other biometric features everywhere.
The only time I have used fingerprints for flights is for bag drop. That is, the fingerprint verifies that the same person dropping the bag is the one that later boards the flight. In that scenario the fingerprint is not needed after that, and I'm sure there is no regulatory permission to store biometric data for any longer period of time than necessary, which is only until the plane leaves. I haven't seen these systems in a while though so its possible that newer regulation like the GDPR even made them too cumbersome to maintain. Of course there is a risk of compromise in such a system, but if someone wanted your fingerprints specifically it would probably be easier to get them from your car door than hacking an airport system.<p>Fingerprints for unlocking is not very secure it's just a convenience. Consider it to be equivalent to face unlocking. Anyone who is determined enough will bypass it. Whether it's secure enough depends on your threat model. I trust face unlock to prevent my kids unlocking my phone but that's a whole different kind of threat model from a state actor.
Fingerprints aren't equivalent to security.<p>They are at best a quick convenience for perhaps a time logging machine? Where security really isn't a factor.
> Even if a third party has my biometric fingerprint details, can I rely on how physical access to my phone is necessary to bypass the fingerprint lock<p>Two points to make:<p>First, I don't know about Android, but certainly on iPhone, the fingerprint data is stored in the Secure Enclave and the biometric reader on the phone establishes a secure communications channel (unique session key) with the Secure Enclave. So remote attacks are unfeasable unless you've managed to extract the underlying shared key from the Secure Enclave.[1]<p>Second, the definition of what is "stored". There are a number of different approaches to storing biometric data, and most if not all "modern" methods will store an algorithmic derivation of some sort rather than actual raw measurement data. Hence if the government is using algorithm A and your phone is using algorithm B, then in all likelyhood there is no viable way to transpose between the two.<p>Third, generally good OPSEC suggests to disable the biometric login to your phone anyway and rely on a password. That way, for example, someone can't just hit you on the head to render you unconcious and hold your finger to the sensor. (They would have to force the password out of you whilst you were concious, per XKCD[2] ;-)<p>[1]<a href="https://support.apple.com/en-gb/guide/security/sec067eb0c9e/web" rel="nofollow">https://support.apple.com/en-gb/guide/security/sec067eb0c9e/...</a>
[2]<a href="https://xkcd.com/538/" rel="nofollow">https://xkcd.com/538/</a>
as far as i know, we do not store fingerprints but i kind of hash of the fingerprint. so if this hash is stolen, it should not be possible to reconstruct the fingerprint "curve points" to use it on your device. but if someone does gain access to your device, i'd say that device is fucked anyway.<p>if your device is locked with fingerprint, it will be FAR easier to grab your fingerprint from something you touched. and creating a fingerprint impression from this will be VERY easy. it takes simple glue and it is very low-cost. you use cyanolate and a gummy bear. the gummy bear will hold the fingerprint while you apply it to the sensor :)<p>here are a few links :
<a href="https://blog.kraken.com/product/security/your-fingerprint-can-be-hacked-for-5-heres-how" rel="nofollow">https://blog.kraken.com/product/security/your-fingerprint-ca...</a>
<a href="https://blog.talosintelligence.com/fingerprint-research/" rel="nofollow">https://blog.talosintelligence.com/fingerprint-research/</a>
<a href="https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid" rel="nofollow">https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid</a><p>fingerprints are a conveniance. they will work at home where you want that phone to be protected from your kid you don't want to be accessing internet too easily.<p>as a security measure, it's stupid because it is very easy to grab fingerprints : you leave those all around. it is also very easy to just create an impression from a picture with a good quality camera. and once it's compromised, you CANNOT change your fingerprint for another one.<p>do. not. use. fingerprints. for. security.