Home / Tech News / Featured Tech News / Vein authentication has already been cracked using a fake wax hand

Vein authentication has already been cracked using a fake wax hand

Damien Mason December 31, 2018 Featured Tech News

Biometric security is on the rise thanks to smartphones utilising fingerprint, retina and facial scanning technology, however vein authentication has regularly been considered superior thanks to its difficult-to-replicate methods.  Or so we thought. Researchers have now revealed that they managed to crack the system with a single image and cheaply-made wax hand.

Vein authentication is similar to fingerprint verification in that it scans the unique structure of a person’s veins under their skin, while removing the possibility of leaving prints behind whenever we touch something. Thanks to its reputation, local news site Welt reports that Germany’s signals intelligence agency, the BND, supposedly uses the technology within its Berlin headquarters.

Sadly, Motherboard reports that security researchers have since cracked the technology, utilising an SLR camera with its infrared filter removed and some wax:

“It makes you feel uneasy that the process is praised as a high-security system and then you modify a camera, take some cheap materials and hack it,” German researcher Jan Krissler tells the publication, in collaboration with Julian Albrecht. “It’s enough to take photos from a distance of five meters, and it might work to go to a press conference and take photos of them.”

Krissler makes the process sound easy, requiring just a single photo with a modified camera and 15 minutes to assemble the wax hand from cheap materials in order to spoof the system, but the testing process was much more thorough. Krissler and Albrecht took over 2,500 photos of their hands across a 30-day period before deducing that a single image could be utilised in the hack.

The bypass was by no means perfect and its real-world applications are currently in question, but there is an inherent problem with allegedly top-notch security if a two-person team can breach the system with little effort. Should any amount of well-funded research go into refining this process, vein authentication could prove to be incredibly ineffective.

KitGuru Says: Almost all types of security have been beaten, with Apple’s Face ID and Touch ID continuously challenged by researchers, but it’s unusual to see a technology that’s barely established in the commercial market be toppled so easily. Here’s hoping leading manufacturers Fujitsu and Hitachi strengthen their systems before exploits begin turning up aplenty.

Become a Patron!

Tags

Check Also

AMD might be preparing a Radeon RX 9070 GRE

New rumours suggest AMD might be preparing to expand its RDNA 4 graphics card lineup …

© Copyright 2025, Kitguru.net All Rights Reserved Standard Terms

We've noticed that you are using an ad blocker.

Thank you for visiting KitGuru. Our news and reviews teams work hard to bring you the latest stories and finest, in-depth analysis.

We want to be as informative as possible – and to help our readers make the best buying decisions. The mechanism we use to run our business and pay some of the best journalists in the world, is advertising.

If you want to support KitGuru, then please add www.kitguru.net to your ad blocking whitelist or disable your adblocking software. It really makes a difference and allows us to continue creating the kind of content you really want to read.

It is important you know that we don’t run pop ups, pop unders, audio ads, code tracking ads or anything else that would interfere with the KitGuru experience. Adblockers can actually block some of our free content, such as galleries!