Breach in biometric verification on PCs

Recent research has uncovered serious flaws in the fingerprint sensors used by some popular laptop models such as the Dell Inspiron 15, Lenovo ThinkPad T14 and Microsoft Surface Pro in devices produced by Goodix, Synaptics and ELAN, which implement "match on chip" (MoC) technology where biometric verification is managed directly by the sensor.

Compromise via AitM attacks

Although Microsoft introduced the Secure Device Connection Protocol (SDCP) to strengthen security, researchers have discovered a way to circumvent these measures through adversary-in-the-middle (AitM) attacks. The ELAN sensor, in particular, was vulnerable to counterfeiting and transmitted security identifiers in clear text, allowing a USB device to impersonate the fingerprint sensor and access the system without authorization.

Vulnerabilities specific to fingerprint sensors

The Synaptics sensor had the SDCP protocol disabled by default, leaving security to a faulty custom Transport Layer Security (TLS) stack, which made it possible to bypass the biometric authentication system. As for Goodix, a discrepancy in the fingerprint registration process between Windows and Linux operating systems was exploited, with the latter not supporting SDCP, thus allowing the registration of a fingerprint on Linux which is then recognized by Windows .

Risk mitigation recommendations

The researchers suggest that hardware manufacturers enable SDCP and subject fingerprint sensors to independent verification by qualified experts. The findings highlight the importance of the correct implementation of security measures by OEMs, so as to guarantee effective and comprehensive protection that fully meets the security standards established by protocols such as SDCP.

Video