Biometric Scanner | Breaking Cybersecurity News | The Hacker News

Google just announced its plan to introduce a new anti-spoofing feature for its Android operating system that makes its biometric authentication mechanisms more secure than ever. Biometric authentications, like the fingerprint, IRIS, or face recognition technologies, smoothen the process of unlocking devices and applications by making it notably faster and secure. Although biometric systems also have some pitfalls that are not hidden from anyone, as it has been proven multiple times in the past that most biometric scanners are vulnerable to spoofing attacks, and in most cases fooling them is quite easy. Google announced today a better model to improve biometric security, which will be available from Android P, allowing mobile app developers to integrate an enhanced mechanism within their apps to keep users' data safe. New Biometric Metrics to Identify Spoofing and Imposter Attacks Currently, the Android biometric authentication system uses two metrics—False Accept Rate (FA

Forget fingerprint authentication, retinal scanning or advanced facial recognition that has recently been implemented by Apple in its iPhone X—researchers developed a new authentication system that doesn't require any of your interaction, as simply being near your device is more than enough. A group of computer scientists at the University of Buffalo, New York, have developed a new cardiac-scan authentication system that uses your heart's shape and size as a unique biometric to identify and authenticate you. Dubbed Cardiac Scan , the new authentication system makes use of low-level Doppler radar to wirelessly and continuously map out the dimensions of your beating heart, granting you access to your device so long as you're near it. In simple words, your office device should be able to recognise that it is you sitting in front of the computer, and sign you in without any password or interaction, and automatically should log you out if you step away from your compute

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Samsung recently launched its new flagship smartphones, the Galaxy S8 and Galaxy S8 Plus, with both Facial and IRIS Recognition features, making it easier for users to unlock their smartphone and signing into websites. We already knew that the Galaxy S8's facial unlock feature could be easily fooled with just a simple photograph of the device owner, but now hackers have also discovered a simple way to bypass the iris-based authentication, which Samsung wants you to think is unbeatable. All it took for German hacking group Chaos Computer Club (CCC) to break the Galaxy S8's iris-recognition system was nothing but a camera, a printer, and a contact lens. The white hat hacking group also published a video showing how to defeat Samsung's iris scanner. Video Demonstration — Bypassing Iris Scanner The process was very simple. The CCC group simply used the night mode setting on a Sony digital camera to capture a medium range photo of their subject. Since the iris

MasterCard has unveiled its brand new payment card that has a built-in biometric fingerprint scanner, allowing customers to authorize payments with their fingerprint, without requiring a PIN code or a signature. The company is already testing the new biometric payment cards, combined with the on-board chips, in South Africa and says it hopes to roll out the new cards to the rest of the world by the end of 2017. Don't Worry, It Still Supports PIN-based Transactions as Fallback Wait — If you think that this feature would not allow you to share your card with your child and spouse, don't worry — Mastercard has a solution for this issue as well. The company has confirmed that even if the card is configured to expect the fingerprint for authenticating a purchase, but it does still have a PIN as a fallback, in case, for some reason EMV readers fail to read fingerprint or you have yourself handed it to your child for shopping. Stores & Retailers Don't Need New Hardw

Now no more fight with Apple or any smartphone maker, as federal authorities have discovered a new tool for unlocking phones, as far as your phone is using any biometric sensor… 3D Printing! Yes, Police in Michigan is considering 3D printing a dead man's fingers so they could unlock smartphones in investigation crimes using their biometric sensors. A new report published today from Flash Forward creator Rose Eveleth revealed that the police recently approached professors at the University of Michigan to reproduce a dead man's fingerprint from a prerecorded scan. Once reproduced, the 3D print would be used to create a false fingerprint of the dead man, which could then be used to unlock his smartphone using its biometric sensors. The man was a murder victim, and law enforcement investigators believed that his phone might contain some useful information relevant to the case. Why Police Can't 3D-Print Themselves? Because... Since smartphone biometric sensors used

Until today, there existed such Fingerprint Biometric Readers that required your touch to authenticate yourself as an authorized person. However, the latest research shows that the future of fingerprint scanners lies in a " no-touch " activity by an individual for gaining access. Recently, NIST ( National Institute of Standards and Technology ) has funded a number of startup and companies to develop touchless Fingerprint readers. The Contactless Biometric Technology requires the person's presence, but from meters away. As the fingerprint scanners can sense and read your fingerprint information while you are standing few meters away from the scanner. Contactless Fingerprint Scanners: Fast and Time Saving The touch-free technology is such where authentication is done with a faster speed, saving time while giving importance to hygiene when compared to conventional biometric devices. Imagine a situation, where there's a long queue and to pass through biometric fingerprint

Over a year ago I wrote an article on The Hacker News that warned of serious security concerns created by the iPhone and Android's Fingerprint authentication . Till now hackers were impersonated simply by lifting prints off the side of a phone and gaining unauthorized access to user's phone and thus data. However, security researchers have now discovered four new ways to attack Android devices to extract user fingerprints remotely without letting the user know about it. The attack, which the researchers dubbed the " Fingerprint Sensor Spying attack ," could be used by hackers to " remotely harvest fingerprints in a large scale, " Yulong Zhang, one of the researchers told ZDNet. Remotely Hacking Android Fingerprints FireEye researchers Tao Wei and Yulong Zhang presented their research in a talk titled, Fingerprints on Mobile Devices: Abusing and Leaking , at the Black Hat conference in Las Vegas on Wednesday, where they outlined new wa

Yahoo! don't want you to every time type a PIN or swipe your phone or scan your thumbprint in order to unlock your smartphone. Instead, it only wants you to place your smartphone device on your ear in order to do that. A new concept from Yahoo's Research Labs is out that doesn't focus on old fingerprint biometric scanners that are major form of biometric security on today's smartphones, rather focuses on an idea of Bodyprint as the futuristic biometric security. A team of researchers from the Internet giant has developed a new biometric system called " Bodyprint ," which is a much affordable alternative to fingerprint scanners for mobile phones. What does Bodyprint scan? Bodyprint, built by researchers Christian Holz, Senaka Buthpitiya, and Marius Knaust, is designed to utilize different body parts as biometric sensors for different cases, depending on how the users are using their phones. As mentioned above, Bodyprint can recognize you from your ears