Tuesday, April 28, 2015

Fingerprints cloning in Samsung Galaxy S5

RSA conference is being held in San Francisco, where security researchers from FireEye revealed a security flaw related to the fingerprint sensor embedded in the Samsung Galaxy S5 and other smartphones running Android - allows cybercriminals to make duplicate user's fingerprints. According to Tao Wei and Yulong Zhang from FireEye, although mobile manufacturers have taken numerous steps to ensure the integrity and confidentiality of biometric systems, but still there is a possibility to clone users' fingerprint which can aid further attacks. This would give opportunity to hacker to get user-level access and run a program as root to steal information from the affected Android phones. In the case of Samsung Galaxy S5, all you need is to have system-level access. Android 5.0 Lollipop or above are unaffected to this issue. Samsung has not yet provided any details regarding updates for users. <more>

No comments: