Hackers Build Fake Hand to Beat Vein Authentication

Security researchers at the Chaos Communication Congress disclosed how hackers can bypass vein scanning authentication systems.

Security systems are increasingly using biometric data like fingerprint sensors or face scans to authenticate users. Another method called ‘vein authentication,’ involves computer scanning of the shape, size, and position of a users’ veins under the skin of the hand.

Hackers discovered a workaround for the security technology. At a hacking conference in Germany, security researchers showed how they could create a fake hand out of wax to fool the sensors.

Vein authentication works by comparing the user’s veins to a copy on record. One of Germany’s intelligence agencies uses vein authentication at its new headquarters.



Photo: “Happy Hands” by Alan Levine is in the Public Domain