Professors from UC Berkeley and UC Davis have developed a new way of reading fingerprints that allows for a 3D scan, rather than the traditional 2D scan. In theory, this should make fingerprint authentication on mobile devices harder to fool.

David Wagner, Executive Editor, Community & IT Life

July 2, 2015

3 Min Read
<p align="left">(Image: <a href="https://www.flickr.com/photos/janitors/17133097725" target="_blank">Karlis Dambrans</a> via Flickr)</p>

10 Essential Google Apps For iPhone Users

10 Essential Google Apps For iPhone Users


10 Essential Google Apps For iPhone Users (Click image for larger view and slideshow.)

An ultrasonic way of taking fingerprints promises improved smartphone security. According to the American Institute of Physics, Professors from UC Berkeley and UC Davis have developed a new way of reading finger prints that allow for a 3D scan, rather than the traditional 2D scan. In theory, this should make fingerprint authentication on smartphones and tablets harder to fool.

The system works like a traditional medical ultrasound. A small microelectromechanical wafer (MEM) sends out a signal, and the machine collects the returning signals that echo from the finger. The method allows the system to measure the fingerprint itself, as well as the depth of the ridges and valleys in the fingerprint. In the past, some fingerprint scanners have been defeated by 2D images of fingerprints. This should make that significantly harder.

In fact, traditional 2D scans on smartphones were easily hacked shortly after their introduction. The fingerprint scanners on the iPhone 5 and the Samsung Galaxy smartphones were easily defeated by using wood glue to pick up a fingerprint. The technology has improved since then, but many believe it is still easy to defeat for a patient person.

A 3D scan that reads the living tissue of a person would remove much of this danger. One couldn't lift a fingerprint from a surface a person touched. They'd need to at least see the real 3D finger. It would be much more difficult to create the model (though, no doubt someone will eventually learn to do so) of the actual depth of the fingerprint.

[Think this is cool? Try scanning an iris from 40 feet. Read Iris Scans: Security Breakthrough or Privacy Invasion?]

Is this the major breakthrough we have hoped for in biometrics? Is this the end of the password forever? Probably not. The issue is that once a fingerprint is compromised, either because someone learns to spoof your fingerprint or because your data is compromised, you can't change your fingers like you can your password. You might be able to change your security data to a finger that wasn't compromised, if you are lucky. But once you run out of fingers to scan, you are out of luck.

For the average consumer, however, this does significantly raise the bar on security. Most people don't have enemies with the patience to spoof a 3D image of their thumb. If your phone is randomly lost or stolen (as opposed to targeted) the value of the data on your phone may or may not be worth it for a criminal to attempt to hack. Make it harder to access and it might be enough to deter data thieves in a lot of circumstances. It should be pointed out that in 2011 the value of the data on a lost smartphone averaged $37,000. That gives determined thieves a very good reason to get into your phone.

For the most part, 3D fingerprint scanning doesn't represent a major breakthrough or paradigm shift in the way we will secure smartphones. But it does give us a decent step forward.

About the Author(s)

David Wagner

Executive Editor, Community & IT Life

David has been writing on business and technology for over 10 years and was most recently Managing Editor at Enterpriseefficiency.com. Before that he was an Assistant Editor at MIT Sloan Management Review, where he covered a wide range of business topics including IT, leadership, and innovation. He has also been a freelance writer for many top consulting firms and academics in the business and technology sectors. Born in Silver Spring, Md., he grew up doodling on the back of used punch cards from the data center his father ran for over 25 years. In his spare time, he loses golf balls (and occasionally puts one in a hole), posts too often on Facebook, and teaches his two kids to take the zombie apocalypse just a little too seriously. 

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights