Why PM Modi should stop flashing the victory sign. And you should too

Prime Minister Narendra Modi loves to flash the victory sign (also the peace sign) — he does it during election campaigns, he does it after casting a vote (he even drew Congress ire for this in 2012), and, of course, he does it when his party (BJP) wins elections. The internet and the media are abound with photographs of a smiling Modi, the fingers of his left, or right, and at times even both hands, extended in a ‘V’.
He’s not the only public persona who has an affinity for the ‘V’ sign. Many politicians, actors, rockstars and celebrities do it, especially while posing for photographs. From Hillary Clinton to John Lennon, Michael Jackson to Johnny Depp, Virat Kohli to David Beckham — the list of people who flash/have flashed the ‘V’ sign with their index and middle fingers is pretty exhaustive. Heck! You and I have probably done it too, at some point of time or the other. And still do.

But stop! Cybersecurity experts strongly advise PM Modi and the rest of us to quit this practice immediately. Why? Because hackers can lift your fingerprints easily from photographs where your fingers are clearly visible, provided it’s a high resolution picture shot with ample light falling on the fingers.

You could burn your fingers

Sounds very Mission Impossible-ish, doesn’t it? Like Tom Cruise’s character, Ethan Hawke, in the sci-fi spy thriller series where fingerprints, and even identities, are lifted in the blink of an eye. Well, it’s very much Mission Possible, according to experts.
Cybersecurity firm Lucideus Tech’s co-founder, Rahul Tyagi, explains how simple it is to actually lift a fingerprint from photographs. He adds that there is no complex technology involved in doing it either.

“The hacker can pull the photograph off the internet. By using some simple software like Photoshop, you can zoom into the image to get the technical coordinates of someone’s fingerprint. Once you have that, there are fingerprint extraction algorithms and software, some of which are open source and free. Then, you get a polyfinger out of a 3D printer. Polyfinger is a material which looks and feels like flesh and skin,” Tyagi explains. Polyfinger is a reference term in hacking culture used for rubber-based fingerprints made by the Center for Identification Technology Research (CITeR).

Stop playing into criminals’ hands

Last month, a research team at Japan’s National Institute of Informatics (NII) also proved that fingerprints can easily be lifted from photographs. The researchers were able to copy fingerprints based on photos taken by a digital camera three metres away from the subject.
As technology evolves, the way crimes and frauds are committed is also fast evolving. Imagine what hackers, criminals and non-friendly nations can do if they get access to world leaders’ fingerprints, PM Modi for instance. There would be mayhem!
Back in 2014, Jan Krissler AKA Starbug, a member of Europe’s oldest hacker group, the Chaos Computer Club, used high resolution photos, including one from a government press release, to successfully recreate the fingerprints of Germany’s defence minister Ursula von der Leyen. Starbug used a commercial software called VeriFinger to reverse-engineer the fingerprint.

Michigan Police last year 3D printed a replica of a murder victim’s fingers complete with his fingerprint to unlock the dead man’s phone. They did this with the help of a computer science professor who works on biometric identifiers.

Picture this: Your fingerprints have been compromised through a photograph in which your fingers are on full display in good light. Now imagine how easy it would be for someone to commit a murder or some other crime and leave your compromised fingerprints at the crime scene. Then there’s the fact that, thanks to the Aadhaar initiative, the government now has access to most citizens’ fingerprints. The authorities will trace the fingerprint back to you through its database and you may be implicated even though you had nothing to do with the crime.
“If you lose your password, or if someone hacks into your mail or your phone, you can just change your password. It’s easy. In future, passwords, security pins will be done away with. Your fingers will be your single point of access to your emails, your laptops, banking systems, etc. But, if your fingerprint is leaked, you cannot reset it. There is no good comeback,” warns Tyagi.
So world leaders and citizens take note — stop flashing the ‘V’ sign!