Android devices equipped with a fingerprint sensor are vulnerable to hacker attacks. They can not only bypass the biometric authentication, but even steal the fingerprint data itself, security researchers told a hacker conference. Tao Wei and Yulong Zhong from the cybersecurity firm FireEye Inc. reported their findings on Wednesday to the Black Hat conference in Las Vegas.
The researcher devised four vectors that hackers could use to target fingerprint sensors. One of them allows for "remotely harvest fingerprints on a large scale," without the user ever noticing it. Considering that unlike passwords fingerprints can’t be easily altered and are used for identification in many venues, a compromised phone may leave its user with a lifetime of their data being misused. The speakers said the HTC One Max and Samsung Galaxy S5 were confirmed to be vulnerable to such attacks. Hay added that the affected vendors were alerted and have since provided patches. Zhong noted that Apple devices used different methods for storing fingerprint data and were quite secure against theft attempts.
INC News, 07/08/2015 - via RT
No comments:
Post a Comment