EAST LANSING — No two people are believed to have identical fingerprints, but researchers from New York University and Michigan State University have found that partial similarities between prints are common enough that the fingerprint-based security systems used in mobile phones and other devices can be more vulnerable than previously thought.
The vulnerability lies in the fact that fingerprint-based authentication systems feature small sensors that do not capture a user’s full fingerprint. Instead, they scan and store partial fingerprints, and many phones allow users to enroll several different fingers in their authentication system. Identity is confirmed when a user’s fingerprint matches any of the saved partial prints. The researchers hypothesized that there could be enough similarities among different people’s partial prints that one could create a “MasterPrint.”