Hackers use fingerprints on a drinking glass to break into smartphones

A Tencent team demonstrated how to break into smartphone fingerprint scanners in just 20 minutes

Reading Time:2 minutes

Samsung suffered an embarrassing episode when it was discovered anyone can crack their ultrasonic fingerprint sensor with the help of a cheap screen protector. (Picture: REUTERS/Eduardo Munoz)

Published: 5:32pm, 30 Oct 2019Updated: 5:32pm, 30 Oct 2019

This article originally appeared on ABACUS

Are you sure you want to drink that glass of water? Because that glass will have your fingerprints all over it. And that, apparently, is enough to crack your smartphone.

Tencent Security's X-Lab team demonstrated this at a hacking event in Shanghai by inviting members of the audience to touch a glass. Then the team's leader, Chen Yu, took out his phone, snapped a photo of the fingerprints, and ran it through their new app to extract accurate data. That was used to create a physical version of the fingerprints in just 20 minutes.

The result? The "cloned" fingerprints were able to fool three smartphones and two attendance machines equipped with fingerprint scanners.

“For this attack, the hardware cost more than RMB 1000 (US$140) in total, and the software is just one phone and one app," X-Lab’s researcher Chen Yu told media after the event which took place on last week on Thursday.

X-Lab is one of seven security research groups under Tencent, including Keen Lab and Yunding Lab. (Picture: Tencent)

Tencent declined to elaborate further on the exact method they used.

X-Lab claims to be the first to crack an ultrasonic fingerprint sensor, along with two other common types used in smartphones: Capacitance and optical sensors.