Your fingerprint is yours and yours alone—until someone steals it.
Fingerprints are unique markers used to unlock newer phones on the market. But ultimately they’re just a collection of data that can be stolen, copied, and used without your permission.
The hackers can break into the secured environment on the phone, called TrustZone, that stores sensitive data like your fingerprint. The fingerprint sensor allows access to applications with system-level privileges, according to Yulong Zhang and Tao Wei of FireEye, leaving it open to a robbery.
“If the attacker can break the kernel, although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time,” Zhang said to Forbes.
Samsung is currently investigating, according to multiple media reports.