3D printing has gone deep into CSI territory with a near unbelievable story. The police turned to Michigan State University for their help 3D printing new fingers to crack the fingerprint access on a murder victim’s phone.
It’s an incredible story that highlights security issues, as well as the breathtaking progress in the world of 3D printing.
Anil Jain is a computer science professor and he specialises in facial recognition, fingerprint scanners and tattoo matching. His main focus is actually making devices secure and safe from hackers, but this time the police asked him to hack into the dead man’s phone.
The police have a track record with the phone companies
Officers were sure the phone contained crucial information, but US law enforcement agencies have had some well publicised battles of late to get passcodes to phones. The FBI took Apple to court to gain access to the San Bernardino shooter’s iPhone and it turned into a political mess.
This is a little different, because this was a victim’s phone rather than a suspect’s and so he cannot incriminate himself, which is an issue under the Fifth Amendment. But, rather than go through the courts and deal with the undoubted complexities, the police came up with a novel approach.
Thanks to a previous arrest, they had the victim’s fingerprints on file and they came up with the novel idea of 3D printing new fingers. Apparently taking the phone to the morgue was a step too far.
They turned to Jain and his PhD student, Sunpreet Arora. Now the case is ongoing, so the pair are understandably a little cagey about the details. Arora did reveal, though, that they had to recreate all of the victim’s fingers as they simply did not know which one he used to secure his phone. With the police facing serious time pressures, the only real solution was to print every possibility.
You can’t just scan your finger and make it work
Don’t think you can just scan and print your finger with PLA and fool your scanner, though, it’s more complex than that. Most phone scanners work with a series of electrical circuits coming into contact with one other through the conductive nature of the user’s skin.
Arora reveals they overcame this minor issue by coating these false fingers with metallic particles, which created the right level of conductivity. It hasn’t worked yet, the researchers haven’t handed over the fingers to the police. After they have completed their final tests then they will give them to the officers, though, and we’ll see if we really can crack a phone with a fake finger.
What about the criminals?
It’s a stunning revelation in itself, and it also poses some quite pointed questions about the security aspect of phones and computers. We’re slowly moving towards fingerprint access, but if organised criminals can literally build a new thumbprint that can provide access to bank accounts then it could be a serious issue.
It’s unlikely they could get a clean print from a device that is in constant use, but there are all kinds of ways to secure a fingerprint. So if it’s important enough to crack someone’s phone or laptop, then it is apparently possible.
Is this the TSA phone lock?
If the police already have a copy of a suspect’s fingerprints, too, then technically they could apply this technology and get round the issues with Apple and other mobile phone companies. The phone companies don’t want to supply TSA lock-style codes for law enforcement companies, as it will inevitably compromise their customers’ privacy. But this could render the whole discussion redundant.
So if the police, and other people, can simply build new fingers, we might want to think about fingerprint access and install iris readers instead.