Latest in Android

Image credit:

Android fingerprint readers may be easier to hack than Touch ID

292 Shares
Share
Tweet
Share
Save

Sponsored Links

There's nothing like a Black Hat Security Conference to leave you feeling exposed and vulnerable. Today's compromise? Fingerprint readers. Security researchers Tao Wei and Yulong Zhang have exposed some pretty significant flaws in the Android fingerprint framework. The duo outlined a couple of different attacks -- including malware that can bypass fingerprint-authenticated payment systems and various backdoor attacks -- but the biggest offender was a "fingerprint sensor spying attack" that could remotely lift prints from affected phones. Researchers found the attack viable on both the HTC One Max and the Samsung Galaxy S5, but not on iPhone or other Touch ID devices.

The security discrepancy is pretty huge. Affected devices simply don't do enough to lock down their fingerprint scanners, often leaving them at the mercy of higher level system privileges. Apple's Touch ID, on the other hand, won't give up fingerprint data without a crypto key, Zhang told ZDNet -- even if an attacker has direct access to the fingerprint sensor.

The exploit is particularly troubling in light of the kind of information at stake: passwords can be changed if your credentials are compromised, but you can't change your fingerprints. Thankfully, device manufacturers are on the case: notified vendors have already issued patches for the exploit. Keep your device updated and you should be fine.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
292 Shares
Share
Tweet
Share
Save

Popular on Engadget

The best mobile devices for students

The best mobile devices for students

View
Adam Driver investigates post-911 CIA tactics in 'The Report' trailer

Adam Driver investigates post-911 CIA tactics in 'The Report' trailer

View
OtterBox reveals a portable and stackable wireless charging system

OtterBox reveals a portable and stackable wireless charging system

View
Chevy's 2020 Bolt EV will pack a longer 259-mile range

Chevy's 2020 Bolt EV will pack a longer 259-mile range

View
Samsung updates mid-range A50 and A30 with new cameras, flashier designs

Samsung updates mid-range A50 and A30 with new cameras, flashier designs

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr