Cracking the fingerprint sensor technology on an Android phone can be done using a printer and some glossy paper, it has been claimed.
A 300dpi scan of a fingerprint can be printed on the paper using special conductive ink, and placed on the end of your finger.
Researchers at Michigan State University said the DIY workaround is then able to unlock the phone.
Their study paper said: “We have proposed a simple, fast and effective method to generate 2D fingerprint spoofs that can successfully hack built-in fingerprint authentication in mobile phones.
“Once the printed 2D fingerprints are ready we can then use them for spoofing mobile phones.”
They used Samsung’s Galaxy S6 and Huawei’s Honor 7 phones in their tests.
The left index finger of one of the report’s authors was validated on each of the phones, before another researcher used the technique to unlock it with their own hand.
Researchers Kai Cao and Anil Jain said: “This experiment further confirms the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used for unlocking the phone and for payment.”
The risk to a typical user is small, as the system needs a high-resolution scan of a fingerprint.
However for law enforcement agencies it could provide a way to unlock phones without having to rely on software back doors.
A Samsung spokesperson said: “It takes specific equipment, supplies and conditions to simulate a person’s fingerprint including being in possession of the fingerprint owner’s phone to unlock the device.”
A Huawei spokesperson said: “Honor takes data integrity very seriously and we are committed to protecting customer privacy through the constant updating of new technologies, including fingerprint sensor technology.”
At the Mobile World Congress last month it was also demonstrated that fingerprint sensors on iPhones – seen as having one of the more secure fingerprint systems – could be tricked using dental mould and a small amount of Play-Doh.