Hackers lifting fingerprints from your Android phone?

By Digit NewsDesk | Updated Aug 06 2015
Hackers lifting fingerprints from your Android phone?
HIGHLIGHTS

Research duo reveals that fingerprint sensors on your Android device can be hacked to reveal your fingerprint data

Nokia 6.1 Plus 6GB RAM @10,999

16MP+5MP rear |16MP front facing camera,6GB RAM | 64GB ROM with 10% Instant Discount on Debit & Credit Cards.

Click here to know more

Your fingerprints on your Android phone might not be as safe as you think. Recently, two security researchers at the annual Black Hat conference revealed that the fingerprint scanner on your Android devices is quite vulnerable. Researchers Tao Wei and Yulong Zhong of FireEye Inc., showed that Hackers can remotely lift fingerprints from Android devices. The duo talked about how design flaws in TrustZone, the ARM technology that comes embedded in modern day smartphones, will simply let a 'sensor spying attack' harvest a user fingerprints.

According to ZDNet, the duo confirmed that phones like the HTC One Max and the Samsung’s Galaxy S5, are vulnerable to spy attacks as the device makers haven't locked down the sensor completely. Sensors on these devices are guarded on a system level rather than a root level, hence, rooted devices stand at a greater risk of being hacked. The researchers revealed that once a hack is placed on a certain phone, the hacker can continue to collect the fingerprint data of anyone who uses the sensor.

Currently, countries like US and some regions of Europe, allow payments via fingerprint authentication, these are also vulnerable to attack and hackers can easily bypass the security to simply buy stuff, or just transfer funds from the users account. Moreover fingerprints are also used for various important documents such as passports, immigration documents, criminal records, etc., making it a far more dangerous proposition if your fingerprint sensor gets compromised.

It was also mentioned that this vulnerability also affects some laptops that come with fingerprint sensors. The duo has alerted various vendors about this vulnerability and since then, some patches have rolled out for the same. However, if you are using an iPhone, you are quite safe as hackers won’t be able get the fingerprint image unless they have a crypto key for the fingerprint sensor data.

logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.