Veins were the rising star of biometric payments, till the latest Chaos Communication Congress. It’s the same concept of other biometric authentication options like the fingerprint scan, iris scan, or facial recognition tech, but veins were like the Goldilocks of biomarkers.
But hackers have found a workaround for that, too. On Thursday at the annual Chaos Communication Congress hacking conference in Leipzig, Germany, security researchers described how they created a fake hand out of wax to fool a vein sensor.
“It makes you feel uneasy that the process is praised as a high-security system and then you modify a camera, take some cheap materials and hack it,” Jan Krissler, who goes by the handle starbug, and who researched the vein authentication system along with Julian Albrecht, told Motherboard over email in German.
Vein authentication works with systems that compare a user’s placement of veins under their skin compared to a copy on record. According to a recent report from German news wire DPA, the BND, Germany’s signals intelligence agency, uses vein authentication in its new headquarter building in Berlin.
Original article at Motherboard HERE