Biometric Authentication Methods
A large corporate bank, using palm-vein biometric authentication, found that Hackers Bypass Biometric Sensors. Their scanner had been compromised and wrongful access was being granted to unauthorized personnel.
The discovery was made by a third-party security system. Who was able to detect that a device violation was present in the palm-vein scanner.
Biometric authentication has been prevalent for decades. Comes in various forms such as fingerprint recognition, eye scans, typing patterns and palm geometry. Fingerprint recognition is the most common among biometric authentication. It was once only used by high profile agencies such as financial institutions in need of maximum cybersecurity risk management. Now it can be found on everyday devices such as smartphones and laptops.
Bypass Biometric Sensors – BeagleBone board
In this specific incident, the perpetrator used a BeagleBone board running USBProxy. When attached to the scanning device and the computer system that stores the records of genuine handprints, allowed the attacker to bypass the authentication.
The BeagleBone does not require any extra hardware in addition to its superior set of input/output features, making it easy to interface with exterior electronics.
Biometric Sensor Bypass and Sepio’s Rogue Device Mitigation
Sepio is the leader in the Rogue Device Mitigation (RDM) market. It is disrupting the cybersecurity industry by uncovering hidden hardware attacks operating over network and USB interfaces.
The only company in the world to undertake physical layer fingerprinting, Sepio calculates a digital fingerprint using the device descriptors of all connected peripherals and compares them against a known set of malicious devices, automatically blocking any attacks. With Machine Learning, the software analyses device behavior to identify abnormalities, such as a mouse acting as a keyboard.Download Case Study