All Sections

Fingerprint scanners on Android phones can be hacked – but not easily

Fingerprint scanners found on premium Android phones like the Samsung Galaxy S6 are susceptible to hacking, according to researchers at security firm FireEye – although nicking your biometric data isn’t quite a cake walk.

Android phone manufacturers such as Samsung keep fingerprint data in a separate, encrypted secure zone of a phone’s storage, so it’s not as easy to hack. However, Tao Wei and Yulong Zhang from FireEye reckon that it’s very possible to grab this data before it hits the secure zone, which can then be used to create copies of a user’s fingerprints.

However, nabbing your biometric info isn’t something that can be done remotely or in passing. First, a hacker would need to gain access to a person’s phone for long enough to run a program as root – which requires the phone to be unlocked in the first place. They can then set up the phone so your data is stolen when you actively use the scanner.

All of which sounds like too much of a ballache to actually be useful to real life hackers.

This isn’t the first time fingerprint scanner security has been called into question. Last year the Galaxy S5’s scanner was hacked in just four days, as researchers were able to take a photo of a fingerprint and then create a mould to unlock a phone.

Comments