BrutePrint: Expose Smartphone Fingerprint Authentication to Brute-force Attack. (arXiv:2305.10791v1 [cs.CR])

Fingerprint authentication has been widely adopted on smartphones to
complement traditional password authentication, making it a tempting target for
attackers. The smartphone industry is fully aware of existing threats, and
especially for the presentation attack studied by most prior works, the threats
are nearly eliminated by liveness detection and attempt limit. In this paper,
we study the seemingly impossible fingerprint brute-force attack on
off-the-shelf smartphones and propose a generic attack framework. We implement
BrutePrint to automate the attack, that acts …

attack attackers authentication aware brute brute-force brute-force attack detection fingerprint industry liveness detection making password password authentication presentation smartphone smartphones target threats