Several videos circulating on social media urge users to avoid the peace sign in selfies for fear of fingerprints falling into the hands of hackers. Euronews journalists analyzed whether this security risk exists.
Winston Churchill showing the sign of Victory – Archive photo
The peace sign, with V-shaped fingers, is popular in photos, but viral videos are warning people to stop using it, claiming that scammers could use the fingerprints in the images to steal their data.
Experts contacted by Euronews analyzed how possible this is. Concretely, from a technical point of view it is possible, but very unlikely to be put into practice.
Hard to put into practice
Sarah Morris, professor of digital forensics at the University of Southampton, says that in theory hackers could extract our fingerprints from online selfies, but only under very specific conditions.
“We're talking about the right light, the right camera, the right resolution, the right angle of the finger, the right proximity of the finger to the camera. We're talking very specific conditions here for this to work. With most phones, getting that level of resolution by holding your hand up when you're quite far from the camera is going to be very, very difficult“said Sarah Morris, according to the quoted source.
Frank Breitinger, a digital forensics expert at the University of Lausanne, confirms that extracting sensitive information from high-quality images is difficult and reusing this data is even more problematic.
“Sensitive information can be obtained from good quality images, but otherwise it is difficult. Even if you have it, reusing this data is even more difficult.“, he said.
Many factors, such as image compression on social media platforms, can limit the quality of data available to hackers. Algorithms are unlikely to be able to extract enough information from low-detail photos to create accurate copies of fingerprints.
Even under favorable circumstances, the chances of extracting biometric data from photographs are currently slim. Fraudsters could use AI (artificial intelligence) software and technology to transform image information into biometric data.
“As far as I know, it's no ordinary software. It's certainly not something I've come across as a practitioner and would be difficult to get, to customize at this pointSarah Morris added.
The dangers of social media
However, it is important to be vigilant when posting online, especially with the rapid advancement of AI technology. Even though the video suggests precautions like avoiding exposing fingertips and using filters, current technology doesn't make it easy to extract biometric data from photos. Usually, this data is stored locally, which requires physical access to the device in order to gain access.
“Even if you have this fingerprint, it's not just about taking this photo and sending it to a bank. There is still much to do. Let's say you want to get into my phone, which is protected with my fingerprint: you still need my phone”Breitinger explained, adding that hackers would have to physically replicate the image into something that can be placed on their finger.
“Most sensors are good enough to detect if something is artificial“, he also said.
For good cybersecurity, it's important to be aware of what information you might accidentally reveal in your social media photos. This information may reveal details about your location and activities.
Sarah Morris warned that information you reveal in photos, such as things you love, could be used to guess security questions or passwords. Frank Breitinger suggests that it is more important to be aware of other recognition technologies, such as deepfake video or voice capture, than to worry about fingerprints.
“Fingerprints are still one of the biometric features I trust the most. I'd be more worried about deepfakes or someone capturing my voice than someone stealing my fingerprints.“, he says.
In addition, the expert recommends avoiding sharing high-quality iris photos online and using two-factor authentication for protection.
