The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
If you’re protecting your smartphone with your fingerprint, beware strangers bearing Play-Doh.
A Chinese startup demonstrated at the Mobile World Congress this week how a mold made from the popular children’s toy could be used to unlock an iPhone, CNBC reports.
You can see a truncated version of the purported hack in a video posted to Twitter by tech reporter Arjun Kharpal: Jason Chaikin, president of mobile security firm Vkansee, holds a piece of the molding clay bearing a fingerprint up to Apple’s Touch ID fingerprint sensor and, within a few seconds gains, access to the device.
The Play-Doh print in use, it should be noted, came from the cast of a finger made in dental paste, according to other outlets covering the hack. In order words, it could be fairly labor intensive for criminals to replicate in the real world. Still, the demonstration serves as a reminder to keep an eye on your payment or personal information, no matter what security features you are using to protect your accounts or devices.
Apple did not immediately respond to Credit.com’s request for comment on the demonstration. It did point Kharpal to its security policy, which states “every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1-in-50,000 for one enrolled finger. This is much better than the 1-in-10,000 odds of guessing a typical 4-digit passcode.”
According to CNBC, Chaikin was demonstrating the hack to illustrate a lack of sophistication in current biometric solutions — which authenticate identities via physical or biological information, like a fingerprint, retinal scan or even heartbeat. His company, incidentally, is marketing its own fingerprint sensor, but this isn’t the first time current biometric authenticators has been called into question. Reports have surfaced of Apple’s Touch ID being hacked before and other popular smartphones have weathered similar allegations.
Regardless of these hacks, biometric authenticators are generally considered more secure than traditional alphanumeric passwords, though, on the flip side, there’s also been some debate around what hackers could do, should they get a hold of such sensitive information. That’s why consumers should, at the very least, read all the terms and conditions associated with the biometrics they use to learn, among other things, what is being scanned, where it is being stored and what security features are in place to lock down the information should your device be stolen or otherwise compromised.
And whether using password or fingerprint protection, you should regularly monitor financial accounts for credit card or debit card fraud and check your credit for signs of deeper identity theft. (You can pull your free annual credit reports at AnnualCreditReport.com and see your credit scores for free each month on Credit.com.) Signs of your identity has been stolen include a sudden drop in credit score, mysterious accounts or high balances you weren’t aware of.
Image: Hemera Technologies
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams