Doctors Bypass Biometric Scanners With Fake Fingers

jfruh writes "At a Brazilian hospital, doctors were required to check in with a fingerprint scanner to show that they had shown up for work. Naturally, they developed a system to bypass this requirement, creating fake fingers so that they could cover for one another when they took unauthorized time off. Another good example of how supposedly foolproof security tech can in fact be fooled pretty easily."
  • by Anonymous Coward on Friday March 15, 2013 @12:47PM (#43184363)

    All the security experts who think that biometrics are the end-all-be-all of security are mistaken. Biometrics are not secrets, so once one knows your biometric id, they can impersonate you and you can't change your password!

    • by TWX ( 665546 ) on Friday March 15, 2013 @01:16PM (#43184741)
      A decade ago, a friend of mine suggested that if they *really* wanted foolproof biometrics, to use "colon terrain mapping".

      I told him that I wasn't sure that I could be his friend anymore...
      • I really thought you'd go out on a limb for your friend here and actively demonstrate to him why this is such a bad idea.

        • by Anonymous Coward

          Maybe the friend was hoping it would be demonstrated on him

        • by rwa2 ( 4391 ) *

          Heh, speaking of going out on a limb, one of the other security requirements for authentication techniques is having some kind of key revocation mechanism in case the key gets compromised. So in the case of biometric security, if someone manages to duplicate your fingerprint (or your colon), then it's time to revoke it and (somehow) issue you a new one! Snip snip.

      • by account_deleted ( 4530225 ) on Friday March 15, 2013 @01:42PM (#43185013)
        Comment removed based on user account deletion
    • Re: (Score:1, Interesting)

      by Terkanil ( 1533411 )
      Biometrics are not difficult. Others have commented on this as well. For demonstrations with biometrics, there's an episode of Mythbusters that is right up your alley. They laughably show how easy it is to bypass multiple biometric options.
    • by Hentes ( 2461350 )

      So how would using a password-based system prevent the doctors from sharing their passwords with each other and continue slacking off?

      • by Anonymous Coward on Friday March 15, 2013 @01:45PM (#43185047)

        So how would using a password-based system prevent the doctors from sharing their passwords with each other and continue slacking off?

        That's a social problem. There is no technological solution. I repeat, technology cannot solve every problem. How do you solve this problem? Check once in a while. The guy's daughter was listed as being there every day for three years and never worked a single day. The people who just trusted a glorified punch card machine instead of once verifying it in person should be fired too.

      • by Molochi ( 555357 )

        Really it's no different than sharing a postit note with your password.

        I've never worked anywhere where biometric scans wouldn't involve a full fake hand and a PIN to go with it. I'm guessing doctors would just sharpie that on the back of a rubber hand... and the pin would of course be 1-2-3-4-5-6.

      • So how would using a password-based system prevent the doctors from sharing their passwords with each other and continue slacking off?

        Unique password dongle (like some companies use to grant vpn access) might help. Since only one at a time can exist for any particular doctor, it at least makes the logistics of covering for someone more difficult.

        But I think the person who suggested colon terrain mapping has a good idea. It'd go something like this. "The first time we catch someone trying to game the system, we're switching to colon terrain mapping to grant access to the building. And if we're feeling really magnanimous, you just might

    • by swillden ( 191260 ) <shawn-ds@willden.org> on Friday March 15, 2013 @09:26PM (#43188255) Journal

      Biometrics are good for two categories of applications: Super high security, James Bond type stuff, and casual semi-security, where you want something to keep out the lazy but don't care that much. In between, they're broken.

      They work great in high-security applications when you have a controlled environment, which generally means an attended environment -- a guard is standing there very carefully watching the scanning process, and the scanners and all of the support systems are tightly secured.

      And they're fine in circumstances where you don't care very much.

      In between, biometrics are not secrets, and the fact that some scanner reported an image which appears to match means very little.

      • by cusco ( 717999 )
        A bio-scanner on its own, no matter the type, is an incorrect use of the technology. It should be only one part of a multi-part authentication system, generally combined with a key card of some type. You can still fool the system, but now you have to work much harder to get two fake pieces instead of one, and those pieces have to match each other.
        • A bio-scanner on its own, no matter the type, is an incorrect use of the technology.

          No, biometric scanners can provide good authentication on their own, as long as you can ensure that the object being scanned is actually the person, and that it's not possible to tamper with the scanner, data path, matching engine or template store. It's also important to understand the resolution of the scanning system, meaning its ability to distinguish between individuals. If you're using a single biometric for both identification and authentication, you're almost certainly doing it wrong, unless the num

    • by gweihir ( 88907 )

      This is actually one way to tell a good security expert from a bad one: The bad ones do not get that biometrics is more of a problem than a solution, while the good ones know this.

      There is a third class though: The immoral ones that want to sell you something that does not work, but they do not care.

  • Probably would have held out longer.

    • by ShanghaiBill ( 739463 ) * on Friday March 15, 2013 @01:15PM (#43184719)

      Probably would have held out longer.

      A fingerprint scanner with a pulse detector (which many have) would have been fine too. Any security system can be bypassed with enough effort, so you need to consider what you are trying to protect, and make sure bypassing security is more trouble than it is worth. A doctor who wants an extra day off will obviously make a fake finger, but may not go to the trouble of making a pulse generator.

      • by Vicarius ( 1093097 ) on Friday March 15, 2013 @01:29PM (#43184887)
        Pulse detector can be fooled too. Check the end of this presentation, where he tried different molds and techniques, and finally succeeds opening a safe that detects pulse using a fake fingerprint: DEFCON 19: Safe to Armed in Seconds: A Study of Epic Fails of Popular Gun Safes [youtube.com].
        • Pulse detector can be fooled too.

          Of course it can be fooled. Any security system can be fooled with enough effort. You can duplicate a house key at any hardware store, but people still use house keys because they are "good enough". It is more trouble to duplicate a key than to just rob the neighbor's house with the unlocked window. Pulse checking fingerprint scanners can be fooled, face recognition can be fooled, iris scanners can be fooled. It is even possible to bypass 4096 bit encryption [xkcd.com]. You just need to consider what you are try

          • "Any security system can be fooled with enough effort."

            I was thinking maybe death row is pretty secure. So I searched for it and found a 1984 case where 6 death row prisoners escaped.

      • A fingerprint scanner with a pulse detector (which many have)

        I would hope all the doctors at the hospital in question have a pulse.

      • by mrmeval ( 662166 )

        *sigh*

        In the 1990s kids I said

        "The problem with biometrics is keeping the body parts alive." --mrmeval

        Ask a medical student, preferably one that's a surgeon and research scientist, how they'd keep your finger alive and pulsing. There may still be a professor at the University of Texas Medical School who was on the cypherpunks list and listed what he could do to keep some body parts alive in the late 1990s. I'm sure the technology has improved.

        • Insightful. Improved biometrics will be pretty hard to justify if it results in people getting murdered just to get their "security pass."

    • Now doctors just give each other the finger.
      • Now doctors just give each other the finger.

        The Digita Impudenta security breach was known to the Romans.

  • by fuzzyfuzzyfungus ( 1223518 ) on Friday March 15, 2013 @12:52PM (#43184421) Journal

    In addition to being a reminder that the people with a hard-on for 'biometrics' are either morons (Here you go, you were born with only ten passwords, so don't lose them!) or primarily interested in surveillance and tracking, or both; this is a useful reminder that 'security' is a system of interlocking parts, not a product you buy from your Solutions Vendor(tm) and set-and-forget.

    We have the one doctor, who was caught with the fake fingers, along with at least three others who were ghosting through their shifts. She claims that they leaned on her and threatened her job if she refused to help with the con; they probably claim that she was in on the con and was absent on other days. Regardless of which of those is true, how many other people at the hospital would be in the position to notice whether or not a doctor is present and doing stuff? Probably more than a few. The front-desk servitors had to know what patient flow looked like, restock requests for supplies in various exam rooms can't have looked right; there are a lot more details than the punch-card machine here. This hospital isn't so much suffering from a 'fingerprint scanners are oversold' problem, but a problem with either massive cheating and/or apathy toward cheating, or unaccountable abuse of authority to suppress people who could have blown the whistle.

    • Doctors are treated like kings at medical centers and hospitals, especially private hospitals where the doctors are the practice owners. It wouldn't be surprising if the entire support staff turned a blind eye to abuse of the clock in system.
      • Comment removed based on user account deletion
    • by Archangel Michael ( 180766 ) on Friday March 15, 2013 @01:06PM (#43184607) Journal

      Technology cannot ever fix Sociological problems, it can only mask them.

      We design technology in ways so that it routes around failures, and then wonder why it fails when humans do the same thing. You want to solve the problem of people not showing up for work, you fire them or put them on 2 week unpaid leave, or dock their pay, or whatever. If you aren't going to do anything about it, then stop making noise and let them skip out.

      Why is this so hard?

    • (...) apathy toward cheating, or unaccountable abuse of authority to suppress people who could have blown the whistle.

      Wow! How do you know so much about Brazilian public service?

    • by SirGarlon ( 845873 ) on Friday March 15, 2013 @01:17PM (#43184759)

      In addition to being a reminder that the people with a hard-on for 'biometrics' are either morons

      There's a difference between 'uninformed' and 'moronic.' Part of the problem with IT security is that it's full of self-proclaimed experts who heap scorn on the uninformed instead of trying to educate them. You're not one of those, are you?

      • Re: (Score:3, Insightful)

        by Anonymous Coward
        You educate your sociopathic boss who reads Wired and thus (thinks he) knows more about this stuff than you. You can't, and he now hates you because you "subverted his authority". Guess what? He's moronic.

        At the other end of the spectrum: Go ahead and educate Johnny Salesman. His eyes glaze over, and he's now thinking about watching the big game with his Bud Lite in hand. He's not listened to a word you've said. You've wasted your time and his. Guess what? He's moronic.

        The vast majority of pe
        • by naroom ( 1560139 )
          People hate feeling stupid, and if you pass information to them in a way that makes them feel smart, it will stick better. Your average undergraduate doesn't care about what you're trying to teach them, but they DO care about looking better than their peers, and looking good to employers. Knowledge isn't an end, it's a means to an end. Before you try to teach something, make sure it's something they want to know (even if it's for a stupid reason).
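The cross-checks that fuzzyfuzzyfungus and the Anonymous Coward above are describing (patient flow, restock requests, "check once in a while") can be written down as a reconciliation job over the scanner log and an independent activity log. The following is an added example written for this page, not code from the thread or from the hospital; the record layouts, the user names and the "ER-1" terminal are constructed sample data, and the thresholds are assumptions a site would tune. It flags three patterns drawn from the story: a clocked shift with no attributed work, a user who never produces work on any clocked shift (the "ghost employee"), and several distinct people clocking in at one terminal within seconds of each other (one person with a bag of fingers).

```python
"""Reconcile biometric clock-in records against independent activity records.
Added example for this page; all records below are constructed, not real data."""
from collections import defaultdict
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed scanner log: (user, ISO-8601 clock-in time, terminal).
CLOCK_INS = [
    ("dr.silva", "2013-03-01T07:58:10", "ER-1"),
    ("dr.souza", "2013-03-01T08:01:30", "ER-1"),
    ("dr.ghost", "2013-03-01T08:02:05", "ER-1"),
    ("dr.silva", "2013-03-02T07:59:00", "ER-1"),
    ("dr.souza", "2013-03-02T07:59:20", "ER-1"),
    ("dr.ghost", "2013-03-02T07:59:45", "ER-1"),
]

# Constructed activity log: (user, date, count of independent events such as
# chart notes, orders or medication sign-offs attributed to that user).
ACTIVITY = [
    ("dr.silva", "2013-03-01", 14),
    ("dr.silva", "2013-03-02", 9),
    ("dr.souza", "2013-03-01", 11),
    # dr.souza clocked in on 03-02 but produced nothing; dr.ghost never does.
]


def activity_index(activity) -> Dict[Tuple[str, str], int]:
    """Sum activity per (user, date) so lookups for missing days return 0."""
    idx: Dict[Tuple[str, str], int] = defaultdict(int)
    for user, date, count in activity:
        idx[(user, date)] += count
    return idx


def idle_clock_ins(clock_ins, activity) -> List[Tuple[str, str]]:
    """Shifts that were clocked but show zero attributed work that day."""
    idx = activity_index(activity)
    return sorted({(u, ts[:10]) for u, ts, _ in clock_ins if idx[(u, ts[:10])] == 0})


def ghost_users(clock_ins, activity, min_shifts: int = 2) -> List[str]:
    """Users with at least min_shifts clock-ins and no work on any of them."""
    idx = activity_index(activity)
    shifts: Dict[str, int] = defaultdict(int)
    worked = set()
    for u, ts, _ in clock_ins:
        shifts[u] += 1
        if idx[(u, ts[:10])] > 0:
            worked.add(u)
    return sorted(u for u, n in shifts.items() if n >= min_shifts and u not in worked)


def burst_clock_ins(clock_ins, window_seconds: int = 120, min_users: int = 3):
    """Distinct users clocking in at the same terminal within a short window:
    one person presenting several fingers. Returns (terminal, start, users)."""
    by_terminal: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    for u, ts, term in clock_ins:
        by_terminal[term].append((datetime.fromisoformat(ts), u))
    flags = []
    for term, events in by_terminal.items():
        events.sort()
        for i, (t0, _) in enumerate(events):
            users = {u for t, u in events[i:] if (t - t0).total_seconds() <= window_seconds}
            if len(users) >= min_users:
                flags.append((term, t0.isoformat(), tuple(sorted(users))))
    return flags


if __name__ == "__main__":
    print("idle shifts:", idle_clock_ins(CLOCK_INS, ACTIVITY))
    print("ghost users:", ghost_users(CLOCK_INS, ACTIVITY))
    print("bursts:", burst_clock_ins(CLOCK_INS))
```

None of these checks needs a better scanner; they need a second data source the scanner operator does not control, which is the point the thread keeps returning to. The burst check is the one most specific to this incident: a silicone finger defeats the sensor, but it still has to be presented by someone standing at the terminal, and thirty-one of them in a row leaves a timing signature.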
  • Granted, they can be thrown off by any change in the hand's biometric signature, such as a new ring or even swelling due to allergies. But they are very hard to trick. Fingerprint scanners have been fooled by hot-dogs with xeroxed fingerprint swirls on them.
    • by cusco ( 717999 )
      Hand key scanners are hideous. Anyone who has ever worked installing, configuring, servicing or maintaining them will tell you how much they hate the damn things. The false negative rate is terrible, they can be thrown off by hands swelling or shrinking because of temperature, exercise, menstrual water weight-gain, diets, or more. They get out of calibration if you breathe in their general direction. In case you haven't got it yet, I absolutely loathe them.
  • by Anonymous Coward

    Who the hell thinks fingerprint scanners are foolproof? We've had "how to pass a fingerprint scanner" stories for a decade now.

  • This has been done before.

    Prior Art. [bbc.co.uk]

  • "This fake finger smells like it has been up someone's butt!"
  • No one is dumb enough to claim that fingerprint readers are secure. It's one step up from a password. All you need to get is a fingerprint from the "doctor" you want to be for the day and with a little effort you can replicate access. Out of all biometric security systems, fingerprints are pretty insecure.
    • Re:What? (Score:5, Insightful)

      by DMUTPeregrine ( 612791 ) on Friday March 15, 2013 @03:21PM (#43185867) Journal
      NO!

      Biometrics aren't a replacement for passwords, they're a replacement for USERNAMES. They provide a "something you have" factor to authentication, there still needs to be a "something you know."

      Like usernames they aren't secret. They don't need to be secret, and they can be copied without ruining the security of the system. They don't need to be changed, and are unique to each user. Biometrics are great when used as usernames, and a security nightmare waiting to happen when used as a password.
      • by Anonymous Coward

        Actually it is not "something you have", but "who you are".
        A physical key, a dongle with one-time passwords, a photo ID: those are "something you have".

        There are two more security methods beyond the three well-known ones:
        - "Where you are": locations are often used for authentication; think of a bank system which raises a fraud flag when two ATM withdrawals happen close in time to each other in different countries.
        - "What everyone knows": the 'security' questions which you are supposed to fill in with information everyone can

        • No, it's something you have. Your finger is something you have. Your eyes are something you have. They can be removed. It's just a matter of how much effort the attacker is willing to put in to get that something you have. Depending on the kindness of your attackers is never a good security strategy.

          The very ability to duplicate fingerprints by making fake fingers is a clear example that a biometric is just another something you have.

          Confusing biometrics with being something you are is a common mistake.
  • Mythbusters already did this http://blogs.technet.com/b/steriley/archive/2006/09/20/457845.aspx [technet.com]

    This happened almost 7 years ago

  • by jd659 ( 2730387 ) on Friday March 15, 2013 @01:13PM (#43184701)
    It surprises me that many debate the “security” of the fingerprint scanners while omitting the major flaw of any biometric system – it is not revocable. You cannot simply reset someone’s fingertips if the system for that instance has been compromised. With pretty much all other authentication there’s some mechanism to delete the bad entry: a password can be reset, a certificate can be revoked, a compromised key can end up in the black list, etc. None of this is possible with any biometric system. Even if it takes an elaborate trickery and a lot of resources to duplicate a finger, a hand, or a mockup of the retina scan, once it’s done, it cannot be “cancelled” at the biometric system level.
    • by Nadaka ( 224565 ) on Friday March 15, 2013 @01:26PM (#43184863)

      It can be canceled at the biometric level...

      You are just squeamish about the organ replacement process.

      I bet you found it inconvenient to change your passwords every 90 days as well.

    • by Endo13 ( 1000782 )

      Well no, but it also can't be passed over the internet in bulk like passwords can. Also, if a fingerprint scanner gets compromised, it's not so much a matter of one instance being compromised - it's the system itself. So you either need to remove the individuals who compromised it (in this case they suspended the doctors) or revamp the system.

      • by cusco ( 717999 )
        Really? You don't think that an image of a fingerprint or iris can be passed over the Internet "in bulk"?
    • by eth1 ( 94901 )

      It surprises me that many debate the “security” of the fingerprint scanners while omitting the major flaw of any biometric system – it is not revocable. You cannot simply reset someone’s fingertips if the system for that instance has been compromised. With pretty much all other authentication there’s some mechanism to delete the bad entry: a password can be reset, a certificate can be revoked, a compromised key can end up in the black list, etc. None of this is possible with any biometric system. Even if it takes an elaborate trickery and a lot of resources to duplicate a finger, a hand, or a mockup of the retina scan, once it’s done, it cannot be “cancelled” at the biometric system level.

      This is less a problem with biometrics, and more a problem with the way they're used. Using a fingerprint as the ONLY authentication is idiotic, but on the other hand (heh) which would you rather have on your bank's ATM? Card+PIN, or Card+PIN+fingerprint? I can't count the number of times I've rolled up to an ATM and found a card in it, or worse, the previous user left it on the "Do you want another transaction? Yes/No" screen. Replace the Yes/Enter button with a fingerprint scanner, and that's no longer an

      • by jd659 ( 2730387 )

        Using a fingerprint as the ONLY authentication is idiotic, but on the other hand (heh) which would you rather have on your bank's ATM? Card+PIN, or Card+PIN+fingerprint?

        I still think that having two somewhat insecure systems is better than one insecure system + biometrics. A card+pin is a perfect example and the dual piece authentication is better than a single piece. What would be better though: a card+RFID or card+biometrics? RFID is inherently insecure, it can be cloned relatively easily. Even then, I would argue that a card+RFID is more secure than a card+biometrics. Why? Because if the biometrics is hacked, your NEXT card will be vulnerable and other places tha

    • You're doing it wrong. The biometric data is not like a password -- it's like a username. Do you change your username whenever you change your password? Of course not. You don't want it to be changeable or revocable. The password is separate from the biometric id. That's what you change. And obviously permissions associated with the id are modifiable/revocable. If the biometric id is compromised, you change the password, and perhaps flag the account to notify security if it is used (and the swat team if it
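DMUTPeregrine's point above (biometrics are usernames, not passwords), the reply just above it, and jd659's objection that a fingerprint cannot be revoked all come down to the same design: let the scan answer "who is this claiming to be?" and let a separate, revocable secret answer "prove it". The following is an added example written for this page, not code from the thread or from the hospital. It is a toy clock-in system in which a template match only selects a user record, an RFC 4226 HOTP counter token supplies the second factor, and revocation acts on the token key while the finger stays enrolled. Templates are opaque byte strings matched by equality (a real scanner matches feature vectors against a threshold), the user names are constructed, and the counter-based token is an assumption about how such a badge would work.

```python
"""Toy clock-in system: the fingerprint template only identifies a user; a
per-user HOTP secret authenticates, and it is the secret, not the finger, that
gets revoked and reissued. Added example for this page; all data constructed."""
import hashlib
import hmac
import secrets
import struct
from typing import Dict, Optional

# Constructed enrolment data: template bytes -> user. A silicone copy of a
# finger yields the same template, so matching alone cannot tell them apart.
ENROLLED_TEMPLATES = {
    b"template:dr.silva": "dr.silva",
    b"template:dr.souza": "dr.souza",
}


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to a 31-bit integer, reduced modulo 10**digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class ClockIn:
    def __init__(self, templates: Dict[bytes, str] = ENROLLED_TEMPLATES):
        self.templates = dict(templates)
        self.token_keys: Dict[str, bytes] = {}   # user -> HOTP key (revocable)

    def identify(self, template: bytes) -> Optional[str]:
        """Biometric step: which enrolled user does this scan match?
        A cloned finger passes this step; that is expected and acceptable."""
        return self.templates.get(template)

    def enroll_token(self, user: str, key: Optional[bytes] = None) -> bytes:
        """Issue or reissue the secret. `key` is only for deterministic tests;
        production callers let the system draw a random 160-bit key."""
        key = key or secrets.token_bytes(20)
        self.token_keys[user] = key
        return key

    def revoke_token(self, user: str) -> None:
        """Revocation acts on the secret. The finger stays enrolled."""
        self.token_keys.pop(user, None)

    def clock_in_biometric_only(self, template: bytes) -> Optional[str]:
        """The hospital's model: the scan is the whole check."""
        return self.identify(template)

    def clock_in_two_factor(self, template: bytes, code: str, counter: int) -> Optional[str]:
        """Identify by template, then authenticate with the token code for the
        given counter value. Returns the user on success, None otherwise."""
        user = self.identify(template)
        if user is None:
            return None
        key = self.token_keys.get(user)
        if key is None:                      # never issued, or revoked
            return None
        if not hmac.compare_digest(hotp(key, counter), code):
            return None
        return user


if __name__ == "__main__":
    system = ClockIn()
    key = system.enroll_token("dr.silva")
    fake_finger = b"template:dr.silva"      # the silicone copy carries the same print
    print(system.clock_in_biometric_only(fake_finger))              # dr.silva
    print(system.clock_in_two_factor(fake_finger, "000000", 1))     # None
    print(system.clock_in_two_factor(fake_finger, hotp(key, 1), 1)) # dr.silva
    system.revoke_token("dr.silva")
    print(system.clock_in_two_factor(fake_finger, hotp(key, 1), 1)) # None
```

The fake finger still gets through `clock_in_biometric_only`, which is exactly what happened at the hospital; under `clock_in_two_factor` it only names a user record, and the colleague covering for someone would also need that person's token and the current counter. When the token is lost or shared, `revoke_token` and `enroll_token` fix it without anyone re-enrolling a finger, which is the revocation story jd659 was missing from biometrics alone.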
  • Why go to all the trouble of making fake fingers when all you need are gummi bears [slashdot.org]

    Bypass security. Tasty snack. It's the two-in-one product of modern technology!

  • Attendance is not a security issue.

    If they're allowing biometric authentication as a single factor authentication to clinical data, there's cause for concern. In this case, this is biometric identification, and is still more reliable than punching an ID into a time system.

    In healthcare, biometrics are usually used, if at all, as a second factor for authentication. (And that usage is rare because certain demographics have fingerprints that are not reliably read by most scanners.)

    • by PRMan ( 959735 )

      (And that usage is rare because certain demographics have fingerprints that are not reliably read by most scanners.)

      I assistant coached my daughter's soccer team and they had the FBI at the orientation with a fingerprint scanner for all the coaches. I have sweaty hands and after the third try in 104 degree weather (that's 40C), he accepted the slimy unreadable print.

      • Yes, the FBI should be present at all soccer games to make sure you don't molest the 8 year old little league girls. Don't you watch the news? 87% of the country is pedophiles and the other 13% is kids.
  • by Anonymous Coward

    ...they gave the government the finger...

  • Here we use fake doctors [cracked.com]...

  • You appear to have dropped your finger there buddy, gotta be more careful with that!
  • by Anonymous Coward

    In Brazil banks started to use ATMs with fingerprint reading.
    Only the fingerprint is necessary to withdraw money from your account...

    http://www.tecmundo.com.br/banco/34422-adeus-cartao-de-banco-itau-e-bradesco-autorizam-saques-via-impressao-digital.htm (in portuguese)

  • Biometrics have one fatal flaw that has always scared the hell out of me. If someone wants past biometrics, they will either develop fake body parts that work as good as the original, or they will just remove the actual body part.

  • it's the piss-poor AI. Even the dumbest human in the world can instantly tell if a person is actually sticking his own finger in the scanner or if he's holding a plastic fake, with 100% accuracy.

    Kurzweil may have wet dreams about singularity, but I don't think computers can ever achieve awareness. They lack atman, immortal soul, theta, life essence, the Force, or whatever you wanna call it.

  • The fact that the doctors were trusted as both the authenticating-client and the key-holder was the issue here. Not biometric authentication. There was no promise that the doctors were not the malicious users themselves, but rather the authenticating-client here had an inherent incentive (getting paid without working) to help defeat the system. So, for all the criticism of biometric systems here -- we're missing the point, the implementation was incorrect to start. Attacking the medium is misguided, an

  • by buybuydandavis ( 644487 ) on Friday March 15, 2013 @03:21PM (#43185873)

    Buried in the article

    "Most current fingerprint scanners have technology that can detect whether the finger has a pulse, and some read fingerprints at a depth below skin level, which would render the silicon fingers useless. Apparently, that hospital is using an older type of scanner."

    Old, crappy technology fooled. Whoopie.

    And it appears that this was an organized criminal enterprise:

    "The mayor of Ferraz de Vasconcelos, Acir Fillo, said there might be as many as 300 hospital employees who do not exist, except for fake fingers with their prints, but who get paid anyway."

    And what grownup thinks any security technology is "foolproof", let alone "motivated criminal enterprise proof"? The technology isn't perfect, therefore it's crap?

    And by the way - "silicon" fingers? Bet you a dollar that should have been "silicone".

    If this guy is actually paid to write this crap, he needs to be fired.

  • by westlake ( 615356 ) on Friday March 15, 2013 @03:38PM (#43186025)
    Obsolete tech.

    When I first saw the headlines for this story I immediately went to a much darker place. I envisioned doctors going into the morgue and borrowing a few digits for use in fooling the machines. I mean, it's not like those guys needed them any more. Things like this have happened before.

    Then I realized this wouldn't work. For one thing, they'd have the wrong prints. For another, they'd be, well, a bit chilly.

    Most current fingerprint scanners have technology that can detect whether the finger has a pulse, and some read fingerprints at a depth below skin level, which would render the silicon fingers useless. Apparently, that hospital is using an older type of scanner.

    Giving biometric scanners the (fake) finger [itworld.com]

    Inside job.

    The perfect example of corruption and conspiracy that begins --- and must begin --- at the top.

    Another television network said it was the head of the emergency room that ran the scam and that his daughter had not worked a day in three years but got paid all the time.

    Fake fingers to fool the boss at Brazil hospital [france24.com]

    Ferreira confessed to using different fake fingers bearing the prints of 11 fellow doctors and 20 nurses in order to pretend they were showing up to work five overnight shifts each month, instead of just one, police said.

    Ferreira also said the staff at the Ferraz Vasconcelos Hospital paid $2,400 per month to participate.

    The doctor will face charges of falsifying a public document and could get two to six years in prison.

    Brazilian doctor caught using fake fingers in biometrics scam [theprovince.com]

  • by Anonymous Coward

    The best biometric for doctors is obviously their handwriting - nobody can forge that shit (or read it).
