Home / Technology / Samsung ‘investigating’ claims of fingerprint penetrate on Galaxy S5

Samsung ‘investigating’ claims of fingerprint penetrate on Galaxy S5

Samsung is “investigating” claims from confidence researchers that hackers can take copies of fingerprints from a company’s 2014 flagship Galaxy S5 smartphone, as good as other Android devices, by exploiting a debility in a doing system’s doing of biometric data.

According to confidence organisation FireEye, Android fails in a attempts to describe fingerprint information untouched to many apps by sequestering it in a “secure zone” on a phone. The smirch is simple: rather than perplexing to mangle into a secure section itself, a enemy simply concentration on reading a information entrance directly from a fingerprint sensor before it reaches a secure zone.

With this information, it’s probable to refurbish a fingerprint, and potentially use it elsewhere, the researchers told Forbes’ Thomas Fox-Brewster.

“If a assailant can mangle a kernel, nonetheless he can't entrance a fingerprint information stored in a devoted zone, he can directly review a fingerprint sensor during any time. Every time we hold a fingerprint sensor, a assailant can take your fingerprint,” one of a researchers, Yulong Zhang, told Forbes. “You can get a data, and from a information we can beget a picture of your fingerprint. After that we can do whatever we want.”

The disadvantage is bound on a newest chronicle of Android, Lollipop – that runs on newer devices, including a Galaxy S6 – and users who can ascent should. As good as Samsung, some – nonetheless not all – other Android inclination regulating versions progressing than Lollipop are affected, nonetheless a Galaxy S5 was a usually one named. Samsung says it “takes consumer remoteness and information confidence really seriously” and is questioning FireEye’s claims, that are due to be suggested in some-more fact during a arriving RSA confidence conference.

Apple’s TouchID system, benefaction on a iPhone 5s and iPhones 6, uses a identical devoted section architecture, nonetheless no assailant has nonetheless demonstrated a ability to lift fingerprints off a device regulating a program hack. The fingerprint sensor has, however, been shown to be exposed to spoofed fingerprints: a feign fingerprint, printed onto a laminated piece and stranded to a genuine finger, can dope a fingerprint sensor.

Of course, hidden a fingerprint by a program penetrate might not be a easiest approach to bypass biometric security: in December, a hacker demonstrated a ability to travesty a German minister’s fingerprints from only a sketch of her hand.

Article source: http://www.theguardian.com/technology/2015/apr/23/samsung-investigating-fingerprint-hack-galaxy-s5

Scroll To Top