Tsutomu Matsumoto - who is affiliated with the Graduate School on Environment and Information Sciences at Yokohama National University in Japan - gained unauthorised access with the aid of a fake finger moulded out of gelatin.
Matsumoto used the finger on 11 different biometric scanners and gained access 80% of the time, he claimed.
His next experiment involved drawing latent fingerprints from a piece of glass and adding those prints to the gelatin finger. After lifting the fingerprint from the glass, he enhanced it, photographed it and tweaked the image in Adobe Photoshop.
Matsumoto then printed the fingerprint image onto a transparency sheet and had it etched into a photosensitive circuit board. The print on the circuit board was then applied to the gelatin finger. This technique also allowed access about 80% of the time.
The data seems to contradict the claims of companies that sell biometric authentication systems. They have said biometrics is one of the hardest security methods to crack because of the reliance on the unique physical characteristics of users. Matsumoto, however, appears to have proved them wrong.
Matsumoto posted his discoveries online, but Bruce Schneier, who also broke the news in his Crypto-Gram e-mail newsletter, said, "If he could do this, then any semi-professional can almost certainly do much, much more.
"All the fingerprint companies have claimed for years that this kind of thing is impossible. When they read Matsumoto's results, they're going to claim that they don't really work, or that they don't apply to them, or that they've fixed the problem. Think twice before believing them."
Matsumoto's presentation is available online at