Researchers fooled biometric systems with fake fingerprints made out of Play-Doh nine out of ten times, demonstrating a weakness of some computer security systems.
Led by Stephanie Schuckers, an associate professor of electrical and computer engineering at Potsdam, N.Y.-based Clarkson University, the researchers tested 66 Play-Doh copies of real fingerprints of 11 different people. The fake fingerprints were verified as the real deal 90 percent of the time.
"As with any identification or security system, biometric devices are prone to 'spoofing’ or attacks designed to defeat them," said Schuckers in a statement.
Schuckers also tested cadaver fingers on fingerprint readers, and got the same results. In some of the tests, dismembered fingers passed 94 percent of the time.
Security relying on fingerprints can be beefed up, she said, by accounting for perspiration on real fingers. Schuckers and her team created an algorithm that detects the moisture pattern on live fingers; when this was added to the readers, spoofing success fell to less than 10 percent.
Schuckers’ research is funded by $3.1 million from the National Science Foundation (NSF), the Department of Homeland Security, and the Department of Defense.