Presented at
DEF CON 28 (2020) Virtual,
Aug. 8, 2020, 3:30 p.m.
(30 minutes).
Due to the well-known vulnerabilities in traditional authentication methods through users, passwords and tokens; biometric systems began to be widely implemented in millions of devices with the aim of having a more practical authentication system for users and -supposedly- more robust in terms of security.
Security researchers were not far behind and started to analyze the security of these biometric controls. In recent years, different techniques have been presented to bypass the authentication of, for example, the smartphones that began to implement these systems.
What is new in this talk? avoiding focusing on a particular device, we have gone deeper studying the operation of the sensors implemented in different biometric systems (Optical, Capacitive, Ultrasonic, Facial, etc.) and consequently, we discovered new techniques to bypass them. Through this talk, we will show how to fool biometric sensors by the enhanced grease attacks and, even better, the techniques to succeed at bypassing these controls using 3D printing.
Presenters:
-
Yamila Levalle
- Researcher at Dreamlab Technologies
Yamila Vanesa Levalle is an Information Systems Engineer, Security Researcher and Offensive Security Professional with more than 15 years of experience in the InfoSec area.
Yamila currently works as Security Researcher and Consultant at Dreamlab Technologies where she specializes in offensive techniques, conducts researches, gives trainings and write papers and blog posts. She is an international security conferences speaker and has presented her researches at important events such as BlackHat Arsenal Vegas, PHDays Moscow, Northsec Montreal, AusCERT Australia, 8.8 Security Conference Vegas, SCSD Fribourg, Ekoparty Ekolabs, OWASP Latam Tour and others. She has taught ethical hacking courses for women, CTF courses for beginners and several information security trainings.
Links:
Similar Presentations: