Biometric technology can recognize distinctive features that are grouped into: static biometrics (when it collects measurements of people's physical characteristics), such as hand geometry, fingerprint, facial shape, iris, retina, vascular pattern of hands and fingers (veins), etc.
Hackers Jan Krissler and Julian Albrecht managed, using a wax hand, to fool one of the most advanced systems that uses the veins of this limb for authentication.
These experts had already carried out feats such as fooling the Touch ID, the fingerprint reader manufactured by Apple. And on one occasion they hacked the fingerprints of Germany's Minister of Defense.
The vein authentication method is a biometric security method that scans the veins of the hand, being a much safer method than fingerprint reading, because it identifies millions of points in the circulatory system. Given its high cost, it is only used in state and security institutions.
In fact, this action cannot be treated as a criminal act. Krissler and Albrecht demonstrated their achievement at the Chaos Communication Congress (25C3), held a few days ago in Germany. Krissler also demonstrated that there are vulnerabilities in iris scanning technology, using infrared images and contact lenses.
Meanwhile, Krissler said: “The first time we forged the system, I was very surprised that it was so easy”, One of the companies developing this technology immediately claimed that it is nothing more than an experiment that is not applicable in the real world.