Fingerprint Spoofing Is Much Easier Than You Think

February 26, 2016 | Kia Kokalitcheva of Fortune

A dental mold and kid’s clay is all you need.

It turns out that even fingerprints can be spoofed with just a little bit of kids’ modeling clay.

Though it requires cooperation from the fingerprint theft victim, it’s quite easy, as a reporter from the Wall Street Journal learned. After the president of Vkansee, a company that develops fingerprint-based security systems, took an imprint of his finger using a dental mold, he used kids’ modeling clay to make a replica of his finger tip and use it to unlock an Apple AAPL 0.18% iPhone. It took a few tries, but the fingerprint replica eventually worked.

With that said, other security experts say they can spoof a fingerprint without the finger owner’s cooperation. For example, in 2014, researchers at Germany’s Security Research Labs were able to hack a Samsung Galaxy 5’s fingerprint sensor, while the previous year, a team of German hackers bypassed the then-new iPhone 5S’s Touch ID fingerprint reader.

But as the Journal notes, some companies are developing more advanced systems to help close those loopholes. Goodix is integrating additional layers of security, such as looking at blood flow to ensure a real finger is used, while Vkansee is adding a camera to authenticate the same.