Researchers have found major security vulnerabilities in Android smartphones that come with fingerprint scanners. Security firm FireEye's researchers have devised four different attacks that could extract fingerprints from Android smartphones, and claim the technology is more vulnerable than the Touch ID implemented by Apple.
FireEye researchers Tao Wei and Yulong Zhang have revealed major vulnerabilities in fingerprint scanner-powered Android smartphones. One such attack is "fingerprint sensor spying" which can "remotely harvest fingerprints in a large scale," the researchers told ZDNet.
Galaxy S5 that sport a fingerprint scanner don't fully lock down the sensor, the researchers note. The sensor in these phones is protected by only "system" level privilege instead of "root", making it easier for an attacker to find a workaround. The affected vendors were notified, and have since provided patches for the issue.
It wasn't very long ago that Android smartphone manufacturers started to add fingerprint sensors to their handsets. The technology, which is largely similar to the iPhone and iPad's Touch ID sensor, is "quite secure" since it encrypts the fingerprint data it gleans from the sensor. He added, "Even if the attacker can directly read the sensor, without obtaining the crypto key, [the attacker] still cannot get the fingerprint image."
Only a select number of Android handsets have this technology, however. Android M, which releases later this year.
Any vulnerability in fingerprint scanners is serious because of the sensitive data they handle. Fingerprint sensors, in addition to unlocking a screen and enabling users to quickly log in to their accounts, have also been used for authentication in mobile wallets and banking features. If the data gets into the wrong hands, the results could be devastating for the victim.
This isn't the first time a vulnerability has been found in the fingerprint scanner of an Android smartphone. Last year, a German firm named H Security found a way to fool the Galaxy S5's sensor with a "dummy" finger and gain access to the handset.
Earlier this year, Wei and Zhang found another vulnerability in the same Samsung flagship smartphone. The handset encrypts the data and stores it in a secure zone; however, the researchers found a way to create a copy of the data before the handset could store and lock down the information.