Android lockscreen series

1. Tricking the Biometric Sensor on a Android Phone
2. Android PIN Code Analysis
3. Android Lock Screen Pattern Analysis**

Biometric identification

An alternative way to unlock the android device is by using biometric identification. Android has a couple different biometric identification systems available for the user, including but not limited to; fingerprint scanning, face scanning, iris scanning, and voice detection. Android uses the Fingerprint Hardware Interface Definition Language(HIDL) to connect the biometric identification hardware and specific software to the android system. Because the hardware and specific software can differ by vendor, the security level of the chosen identification system might be device specific[1]. To use biometric identification on an android device the user has to first enroll their biometric data into the device. This is done by presenting a prompt for the user to scan their chosen biometric several times to create a reliable sample, which is then stored onto the device. When the user wants to use the biometric identification the user will supply their chosen biometric data, such as a fingerprint. This fingerprint is then compared against the enrolled(stored) biometric sample which will return a accept or deny depending on the sample similarity[2]. To generate the accept or deny condition the system uses Spoof Accept Rate(SAR), Impostor Accept Rate(IAR), and False Accept Rate(FAR). SAR measures the probability that the system accepts a previously accepted sample such as a copy of a fingerprint or recording of a voice. IAR is a metric that represents the chance that a fake sample is accepted by the system, such as a fake fingerprint. FAR is a metric that represents the chance that a false or different sample than the enrolled sample is accepted by the system. Such as the fingerprint, face, or eye of a different person.

Tricking the fingerprint sensor

This project have conducted an experiment on the security of the fingerprint of a OnePlus 8 android device. At the time of the experiments the device used the latest supplied build of OxygenOS(Build 11.0.3.3IN21BA) and android version 11. The OnePlus 8 features a in-display fingerprint sensor supplied by Goodix Technology Co[3, 4].This is a opti- cal fingerprint sensor that sits under the screen of the device. It works by by making an area of the display act as the fingerprint button. When the user wants to use the fingerprint scanner, the user places their finger on the area of he display which has the optical sensor. The display on the device will then turn on the pixels under the finger to a bright white color while the optical sensor takes an image of the fingerprint. This fingerprint is then processed, converted and com- pared against the enrolled biometrics stored on the device.

This experiment was done in 3 separate steps:

1. Enrollment. A fingerprint was enrolled into the device’s biometric system. For this a thumbprint was used.
2. Mould. Next a copy of the thumbprint was made to use as a mould.
3. Copy. Finally the fingerprint was transferred to a material that would be used as the fake fingerprint

Enrollment For enrollment, the instructions on the device were followed to enroll a fingerprint into the de- vice. For this the thumbprint on the users right hand was used.

Mould To make a copy of the users fingerprint a mould was created. This mould will later be used to make a usable copy of the users fingerprint. To make the mould a thumb sized ”glob” of hot glue was put onto a flat surface. After letting it cool slightly the user then, with a wetted thumb, pushed their thumb into the hot glue thus creating a indentation of the fingerprint. After letting the glue dry there was a usable mould. The completed mould can be seen in Figure 1. This method was used because of the limited time of the project as well as provide just a proof of concept for the method in a simple way. Hot glue is also a very soft material making it easy to extract the final copy without damaging it. A fingerprint could be collected in a different way using traditional forensic methods for fingerprint collection.

Copy The screen of an android device is a capacitive touch display. This means that once an object touches the display the current going through the object is measured. Therefore the material used for the copy has to be conductive enough to activate the touch display[5]. For this multiple different materials were tried including: Hot glue, silicone, and wood glue. The final material that was chosen was a Cascol 494947 wood glue. The material was then applied in a thin layer onto the mould and let dry. After two days the material had dried enough to peel it out of the mould. The completed copy can be seen in Figure 2.

This method, like the method to create the mould, was chosen because of the limited time of the project and to show a proof of concept. Using traditional methods of fingerprint collection it is possible to create a 3D fingerprint using a different material[5].

Figure 1

Figure 2

After finishing the copy of the fingerprint, it was tested on the OnePlus 8 device. This was done by placing it on the device and pushed down with a non-enrolled finger.

Optimization

The experiment was done on a very low budget with very cheap materials. The way to acquire the fingerprint by making a mould is not optimal as it requires the person with the enrolled biometrics to comply with giving their fingerprint. The material used to make the copy is also not optimal since it takes a long time to dry. The finished fingerprint copy also stopped work- ing after some days when the glue had fully cured, and therefore wasn’t conductive enough to activate the capacitive touch screen. A different and better material could be used. As previously mentioned, it is possible to acquire a fingerprint with traditional fingerprint col- lection methods. This could happen at a crime scene, at a suspect’s home, or willing compliance to supply their fingerprint. As other studies have shown it is then possible to create a 3D finger- print from an image of a fingerprint that can be used to trick a fingerprint sensor[5].

References

• [1] Android Open Source Project. Fingerprint HIDL. https://source.android.com/security/authentication/fingerprint-hal, 2020. Accessed: 2021-02-18.
• [2] Android Open Source Project. Biometrics. https://source.android.com/security/biometric, 2020. Accessed: 2021-02-18.
• [3] OnePlus. OnePlus 8. https://www.oneplus.com/8/specs, 2020. Accessed: 2021-02-18
• [4] GoodixTechnology Co. IN-DISPLAY FINGERPRINT SENSOR. https://www.goodix.com/en/product/in_display_fingerprint_sensor, 2021. Accessed: 2021-02-18.
• [5] J.J. Engelsma et al. Universal 3d wearable fingerprint targets: Advancing fingerprint readerevaluations. IEEE Transactions on Information Forensics and Security, 13(6):1564–1578,2018.