Like bullets fired from a gun, photos can be traced to individual smartphones, opening up new ways to prevent identity theft.
A University at Buffalo-led team of researchers has discovered how to identify smartphones by examining just one photo taken by the device. The advancement opens the possibility of using smartphones — instead of body parts — as a form of identification to deter cybercrime.
Like snowflakes, no two smartphones are the same. Each device, regardless of the manufacturer or make, can be identified through a pattern of microscopic imaging flaws that are present in every picture they take,” says Kui Ren, the study’s lead author. “It’s kind of like matching bullets to a gun, only we’re matching photos to a smartphone camera.
How does it work?
The new technology, to be presented in February at the 2018 Network and Distributed Systems Security Conference in California, is not yet available to the public. However, it could become part of the authentication process — like PIN numbers and passwords — that customers complete at cash registers, ATMs and during online transactions.
The protocol defeats three of the most common tactics used by cybercriminals: Fingerprint forgery attacks, Man-in-the-Middle attacks and replay attacks. It was 99.5 percent accurate in tests involving 16,000 images and 30 different iPhone 6s smartphones and 10 different Galaxy Note 5s smartphones.
- ABC: Enabling Smartphone Authentication with Built-in Camera (paper)
- Your smartphone’s next trick? Fighting cybercrime. (buffalo.edu)
- Forget Face ID: Scientists Fight Cybercrime With Photos (geek.com)