High mobile payment penetration in China also means that it is a market ripe to be taken advantage of. One of the main security methods on most phones is the fingerprint. It is used for everything from unlocking your phone to confirming purchases. However, it is not foolproof and can be “spoofed,” or faked, if criminals are willing to put in the time and effort to create fake fingerprints.
Leading mobile manufacturers Huawei, Google, OPPO, VIVO, Xiaomi, Lenovo, Sony, ZTE, Coolpad and HTC are using Precise Biometrics’ software to secure mobile payments from fraud and identity theft.
60 percent of all transactions are expected to be performed via biometric authentication by 2020, primarily via fingerprint sensors in mobile devices, according to the Biometrics Research Group. In fact, the Redmi Note 4X, released this February, and the OPPO R11 released this June, both have integrated their fingerprint sensor.
“Of course, there are a lot of different methods to unlock your phone. Scanning your fingerprint is the most convenient form. It will take longer if you want to do an iris or face. For its convenience, scanning your fingerprint is used for the low-risk activities like unlocking the phone,” Mark Cornett, Senior Sales Director of North America at Precise Biometrics answered TechNode’s question at the Press conference.
The Swedish company launched their new security suite that offers industry leading fingerprint matching software with spoof and liveness detection, as well as standalone anti-spoof products and services. Liveness detection can tell whether a real finger is being used.
Their solutions and services for efficient spoof and liveness detection is designed to protect fingerprint sensors which are vulnerable to spoofing via fake fingers. The main feature in the security suite is the integration of spoof and liveness detection capability into Precise Biometrics’ fingerprint software for mobile devices, Precise BioMatchTM Mobile.
“[Making a fake finger to hack your phone] is not difficult to do, and the risk is there. We will be able to bring a larger sensor to the mobile device market so that we can prevent mobile device hacking,” Mark said.
Precise Biometrics showed a video how to perform a spoof attack, to demonstrate that the risk is real. A fingerprint impression is left on the phone, and a latent print is captured using latent power and tape. Then the image is scanned and uploaded to the computer. Using a laser printer, the fingerprint is then scanned and wood glue is applied on top of it. When the wood glue is dry, then you can use this fake fingerprint to unlock the phone.
The anti-spoof solution is software-based, which makes it easy to integrate without any need for additional hardware. Precise BioMatch Mobile with spoof and liveness detection capabilities will be available by the end of Q3.
“By adding the other features in our security suite, we are offering our customers a one-of-a-kind toolbox for secure fingerprint technology, enabling trustworthy mobile payments,” said Håkan Persson, CEO of Precise Biometrics said in the press release.