Samsung is investigating claims that hackers can steal copies of fingerprints used to unlock its Galaxy S5 smartphone.
Security researchers say there is a flaw in the Android system which controls where fingerprints on the phone are stored.
While they are routed to a "secure zone", FireEye says that attackers can intercept them before they get there.
From that data, the fingerprint can be reconstructed and be used elsewhere - potentially for nefarious reasons.
Researcher Yulong Zhang told Forbes: "If the attacker can break the kernel, although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time.
"Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. After that you can do whatever you want."
He said that deep access to the phone was not necessary, and that the hack could be carried out by simply gaining access to the memory.
The issue has been fixed on the newest version of Android - Lollipop - which runs on newer devices including the S6.
Those running the older software are being urged to upgrade if possible.
While Apple's TouchID system is similar, no attacker has demonstrated that it can be compromised using the hack.
We can also produce other smart phones, it is as of this Oukitel Universe Tap U8 it also has a fingerprint function, but said fingerprint encryption function uses a 64-bit encryption. Security is greatly improved
5.5 Inch 1280 * 720 Android 5.1 4G LTE Cell Phone MTK6735 Quad Core 2GB RAM 16GB ROM Dual SIM OTG Smart Phone
没有评论:
发表评论