Are smartphones 'leaking' YOUR fingerprints?securenvoy 18/05/2015, Archive
Are smartphones 'leaking' YOUR fingerprints? Flaw means hackers can intercept and steal biometric data !!
Fingerprint scanners are often touted as the future of security and an alternative to the notoriously flawed password.
But experts have discovered they may not be as secure as first thought after a number of Android devices, including Samsung's Galaxy S5, were said to be potentially 'leaking' fingerprints.
The security researchers have found a way to intercept a person's biometric data after it is captured by a built-in scanner, but before it becomes encrypted. The vulnerability means that a hacker can access the kernel, or core, of the Android operating system. Once inside they can monitor all data sent to and from the phone, as well as data recorded by the handset's built-in sensors, including the fingerprint scanner.
'Trying to convince the average person to implant a piece of technology to increase security of their perceived already secure account is a battle unlikely to be won.' Andy Kemshall, co-founder and technical director at SecurEnvoy said: 'Biometric authentication is not yet near the level it needs to be for the majority of consumer facing organisations to implement it in their products.
'Fingerprint scanning, eyeball scanning, voice and face recognition are all at least a decade away from being reliable enough to use as authentication methods. The technology simply isn't sophisticated enough'.