Article Lead Image

Security flaw in Samsung Galaxy S5 allows hackers to steal your fingerprints

Other Android phones could be affected.

 

Patrick Howell O'Neill

Internet Culture

Posted on Apr 25, 2015   Updated on May 28, 2021, 11:49 pm CDT

Your fingerprint is yours and yours alone—until someone steals it.

Hackers can steal your fingerprint from a Samsung Galaxy S5, according to new research, and the vulnerability may affect other Android phones as well.

Fingerprints are unique markers used to unlock newer phones on the market. But ultimately they’re just a collection of data that can be stolen, copied, and used without your permission.

The hackers can break into the secured environment on the phone, called TrustZone, that stores sensitive data like your fingerprint. The fingerprint sensor allows access to applications with system-level privileges, according to Yulong Zhang and Tao Wei of FireEye, leaving it open to a robbery.

“If the attacker can break the kernel, although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time,” Zhang said to Forbes.

Samsung is currently investigating, according to multiple media reports.

H/T  The Register | Screengrab via AT&T

Share this article
*First Published: Apr 25, 2015, 4:15 pm CDT