14 DAY TRIAL // After the Stagefright vulnerability was identified in the majority of Android devices, both Samsung and Google have announced that they will be providing monthly security patches to their respective sets of mobile phones and tablets.
While this information has most likely put some worries at rest, today we are hearing of another hidden threat harbored by devices that use a fingerprint scanner.
Once utilized in premium phones, fingerprint scanners are now being offered with mid-range and low-end phones as well. Recently, ZTE unveiled three smartphones from the V3 family coming out with fingerprint scanners, metal bodies, and prices starting at $160 / €147.
New research has revealed that, ironically, fingerprint scanners might not be as secure as we deem them to be. Hackers have been shown to be able to access Android phones and steal fingerprints on a large scale.
The vulnerability affects mostly premium devices, for the time being
The discovery has been announced during the Black Hat conference that is currently taking place in Las Vegas. For the time being, the issue has been confirmed for devices sporting a fingerprint scanner that are offered by device makers Samsung, HTC and Huawei.
Even if the number of phones in this situation is not that great, the concern is a justified one because by 2019, 50% of smartphones are expected to come equipped with fingerprint reading technology.
The researchers demonstrated the attack on the HTC One Max and Samsung Galaxy S5, where the device makers don’t actually lock down the sensor, thus leaving it open to the possibility of being exploited.
Hence, hackers can unleash a “fingerprint spying attack” which allows them to access fingerprints on a large scale. The result is that the hacked phone will provide fingerprint info to anyone that uses the device.
If someone has access to your fingerprint information, illegal payment transactions can ensue. The exploit can even affect high-end laptops that take advantage of fingerprint scanners.
Researchers didn’t share with us which Android handsets with this kind of technology on board are safer to use in these conditions, but they explained that the iPhone does a better job at encrypting the information, hence it is the superior choice.