in biometrics this is called a Presentation Attack (PA), here the fake fingerprint is the analog of presenting a photograph, video or 3dp mask to a face recognition system. this is usually mitigated by the use of Presentation Attack Detection (PAD) systems, either hardware, software or hybrid. in this particular case it can easily be mitigated by some hardware that measures the amount of water in the biometric sample, for instance capacitive sensor, transparent conductive electrodes or maybe even better some optical sensor that is sensitive to SWIR wavelengths reflectivity differences (1000 and 1200 nm would be great here). a short scholar search will indeed reveal that this is a very active area of research, and probably will reveal tens of papers from our group which is a leader in this.
For devices like phones and laptops, this sounds too complicated. Why not instead just use passwords, patterns, etc? I doubt anyone who's genuinely sensitive about their device being secure uses biometrics to unlock it anyway, so this seems to be just a convenience feature for the casual user with minimal security concerns. As such, making it more complicated doesn't seem worth it.
And if we're talking about authenticating people in truly secure environments, my gut tells me that adding a couple more factors to even a simple fingerprint reader ought to be more secure and robust than making a super-complicated fingerprint reader and leaving it as the only factor.
the capacitive one yes probably, the two other i doubt it. sure you can always use a conductive coating as well as a material that mimic optical propreties of skin. the question is not IF a system will be spoofed, the question is WHEN.
