Connect with us

Hi, what are you looking for?

Tech & Science

Android security flaw allows hackers to copy fingerprints

New research has been revealed at the Black Hat security conference in Las Vegas, identifying serious security flaws affecting Android devices with finger print sensors.

Researchers Tao Wei and Yulong Zhang discovered serious vulnerabilities in systems which span from popular consumer devices to critical international infrastructure.

The “fingerprint sensor spying attack” — confirmed on the HTC One Max and Samsung’s Galaxy S5 — can remotely harvest fingerprints, allowing a hacker to extract copies of user fingerprint images.

This is possible because device makers don’t fully lock down the sensor, and once an attack is in place, fingerprint data on anyone who uses the sensor can be collected.
Zhang explained, “In this attack, victims’ fingerprint data directly fall into attacker’s hand. For the rest of the victim’s life, the attacker can keep using the fingerprint data”.

The sensor on some devices is only guarded by the “system” privilege instead of root, meaning rooting or jail breaking your phone can leave the user at greater risk.

This threat is limited mostly to Android devices with fingerprint sensors, such as Samsung, HTC, and Huawei devices, with Zhang affirming that the iPhone 5s, 6 and 6 plus are “quite secure,” as the Apple devices encrypt fingerprint data from the scanner.

Researchers have warned that these security flaws apply not only to mobile devices but also laptops.

The affected vendors such as Samsung, HTC and Huawei have released patches after being alerted to the threat by researchers have still warned users to keep devices software regularly updated, and only install apps from reliable sources.

The Black Hat conference is part of a series of global information security events held annually in the United States, Europe and Asia which provide a forum for security researchers to share the latest in information security risks, development and trends.

Written By

You may also like:

Life

A high-profile gay couple married in Thailand on Thursday as the kingdom's same-sex marriage law went into effect.

Business

The partnership will raise awareness of the vital role that CIOs and senior technology leaders play in shaping the future of business.

Tech & Science

The largest number of identifiable records were grouped in a collection credited to QQ messenger.

Business

Economist Arthur Laffer, seen in 2019, is one of the main architects behind the idea of 'supply-side' economics. - Copyright AFP Jim WATSONDaniel AVISDonald...