Skip to main content Skip to main navigation

A safer world

03 Feb 2021 • 3 minute read

Cyber security

Fingerprints are rapidly losing their effectiveness as a secure method for smartphone access, as cyber criminals have discovered ways to bypass the technology.

Why your smartphone could soon be scanning your veins

Manufacturers may be favouring fingerprints over passcodes to allow access to smartphones, but Edith Cowan University researchers already see the technology as nearing obsolescence.

That's why they're developing a new biometric security system that combines your fingerprint with a simultaneous scan of the veins in your finger.

That's because the layout of your veins is unique.

Dr Wencheng Yang from the ECU Security Research Institute estimates the new technology could become commonplace in five to ten years.

"In the future, we'll need more security, because threats are always evolving," Dr Yang said.

"While fingerprints are better than other existing security systems, there are problems.

"We leave fingerprints everywhere and they can be duplicated using adhesives like tape or even Play Dough.

"Facial recognition is also limited, because high-resolution imagery is easy – but there is no easy way for someone to see inside your body."

Cyber security is a strategic priority for Australia's national security, including for its critical infrastructure. Beyond national security, cyber security also impacts increasingly upon Australian businesses, governments and private individuals. We aim to deliver systems, architecture and software solutions to ensure the security of crucial infrastructure including energy, water, communications and finance based on industry imperatives.
Cyber Security CRC Chair, David Irvine

More protection at scanning and storage stages

The new technology involves a single sensor that combines image data (vein) and minutiae-based data (fingerprint) to improve recognition exponentially.

These different extraction approaches add complexity for anyone attempting to duplicate the system.

The fact that images of the vein are captured by an infrared sensor also reduces the ability of a hacker to build a spoofing device to mimic the physical attribute.

And if this weren't enough, the technology is also a cancellable system, which sees a person's original features transformed and stored in a way that is not reversible should a security breach occur.

'A fingerprint and finger-vein based cancellable multi-biometric system' by W. Yang, S. Wang, J. Hu, G. Zheng and C. Valli is published in Pattern Recognition.

The number of smartphone users is forecast to grow to around 2.5 billion in 2019.
1.5 billion smartphones were sold in 2017.
China and India have over 1 billion mobile subscribers.
Of 2 billion active Android users, 846 million are exposed to malware as they don't have the latest version.

Australia's new cyber security CRC

The Cyber Security Cooperative Research Centre has its Head Office at Edith Cowan University's Joondalup Campus in Western Australia.

The CRC has nodes in all Australian mainland states and the ACT, and will recruit a significant number of international postdoctoral researchers, as well as PhD students, Masters students and Honours students, all of whom will be embedded in industry.

The CRC brings together expertise across 6 of Australia's leading cyber security universities together with industry and government partners, including the Australian Federal Police, Australian Tax Office, Attorney General's Department, CERT, Cisco, Department of Defence, Data61, Tata Consultancy Services, Jemena, ActewAGL and Singtel Optus.

The CRC will focus on three key areas:

  1. Ensuring the security of critical infrastructure by developing innovative solutions to predict, prevent, detect, and respond to cyber threats from nation states and individuals.
  2. Ensuring industry and the community can access online services with confidence. This will grow Australia's reputation as a safe and trusted place to do business.
  3. Address the skills shortage by training the next generation of cyber security professionals.