• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

Mobile ID World

Mobile ID World

Identification Revolution

Jumio next-generation of digital ID verification.
  • Mobile ID
    • What Is Mobile ID?
    • Identity Associations
    • Premier Partners
    • FAQ
  • News
  • Solutions
    • Behavioral
    • Facial Recognition
    • Fingerprint Biometrics
    • Iris Biometrics
    • Second Factor
    • Smart Cards
    • Smartphones
    • Vital
    • Voice
    • Wearable Tech
    • Other
  • Applications
    • Access Control
    • Cloud Technology
    • Commerce
    • Enterprise
    • Healthcare
    • Identification
    • Internet of Things
    • Law Enforcement
    • Strong Online Authentication
  • Exclusive
    • Interviews
    • Featured Articles
    • Podcasts
  • Companies
  • Events

Security Firm Says Android Users Vulnerable to Fingerprint Cloning

April 23, 2015

Samsung says it’s looking into FireEye’s claims; and it’s worth noting that the Android 5.0 Lollipop OS does not features this vulnerability.

Security Firm Says Android Users Vulnerable to Fingerprint CloningNumerous Android mobile devices including Samsung’s Galaxy S5 have major security vulnerabilities allowing hackers to copy users’ fingerprints, according to security firm FireEye. As reported by Thomas Fox-Brewster in a Forbes article, FireEye security experts plan to speak about the security flaws at this year’s RSA Conference.

The problem relates, of course, to Android devices that use biometric fingerprint scanning. While they’re designed to keep users’ biometric data encrypted in a secure zone – and succeed in that aim – FireEye’s researchers have discovered that it’s possible, and indeed not very difficult, for hackers to access that data at its source, before it reaches the encrypted zone. Any hacker who is able to get into the root level of an Android device’s operating system is able to access this data, and on the Samsung Galaxy S5 they would only need system-level access.

Samsung says it’s looking into FireEye’s claims; and it’s worth noting that the Android 5.0 Lollipop OS does not features this vulnerability.

But if FireEye is right, it’s a serious security issue, and one that could spook users just as the world of mobile commerce and payments is starting to take off. On the plus side, it could prove a catalyst for pushing companies towards multimodal authentication, a much safer approach to security that is already being embraced by financial services companies looking to expand their mobile app services.

Related News & Articles

New tZERO App Stores Cryptocurrency Assets On Your Mobile Phone

Apple Pay Cash, Now in Your Wallet

Qualcomm Forms Smart City Partnership with Infinite

Primary Sidebar

Premier Partners

Read the Latest Year in Review Analysis:

BIO-key One plus One

Tweets

FacePhi Selphi

Sponsored Links

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi's product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/
Aware ABIS webinar

Events

View All Events

Aware ABIS webinar

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives

Follow Us

Copyright © 2021 MobileIDWorld