But to help ensure security, Zhang and Wei recommend smartphone users always keep their software updated to the latest version to fix all vulnerabilities and only install popular app from the Google Play store with fingerprint sensors.
Advertisement
Black Hat Security Conference left the viewers feeling exposed and vulnerable as the researchers came out with their new discovery, reports ZDNet.
Hackers can steal fingerprint data on a large scale through unsecure Android phones, researchers claim, saying that vendors that ship with fingerprint sensors don’t lock them down well enough.
However, the worst type of attack that could be executed is the ‘fingerprint sensor spying attack, ‘ Engadget reports. This makes things easier for hackers.
Zhang noted that Apple’s iPhone, which pioneered the modern fingerprint sensor, is “quite secure”, as it encrypts fingerprint data from the scanner.
I used to think that to get fingerprints to access different Android devices, you only need to just cut fingers.
The attack primarily affects Android devices that have fingerprint sensors, which enable users to authenticate their identity by touch instead of by passcode. Experts at the conference pointed out that the Samsung Galaxy S5 and the HTC One Max had both displayed this vulnerability, but more devices are likely to carry it too. On the other hand, iPhone and other Touch ID devices are relatively safer compared to the previously mentioned smartphones.
Fortunately, these researchers-slash-hackers warned phone makers about this issue and so some solutions and patches are being released.
Advertisement
Although there exists a direct access to the fingerprint sensor of Apple device, yet data is still secured with a crypto key in the device.
