Can hackers steal personal information from your Samsung smart phone? According to security specialists the answer to this question would be Yes and Android phones are the most vulnerable.
Experts don’t rule out the possibility of other Android phones using touch ID to be facing with this delicate situation.
Finger print ID has become more and more popular among smart phones manufacturers. This feature is mostly used to unlock the phone or to authorize a transaction.
Firms look at this as a great option for replacing passwords and are eager to use it. For example companies like Apple and PayPal have already introduced among their features the touch ID.
When it comes to Android smart phones, the delicate information like touch ID information, is kept in a secure area called the Trusted Zone. Even so, specialists have discovered that this data can be stolen before it is locked inside the secure zone.
What they discovered, was that Samsung Galaxy S5, the 2014 model of the company, was one of the most vulnerable phones. The procedure of the hackers is not that complicated. They don’t have to break into the secure area but only to read the information coming from the touch sensors before it is sent to the secure area.
This data would allow them to recreate the fingerprint of the person and could use it for different purposes.
Even if the attacker cannot reach the information kept in the safe zone, as long as it can reach the core memory of the phone he can obtain sensitive information. Each time a person uses the touch sensor he can steal your fingerprint data, explained of the security specialists. The moment they have that information into their hands, they can do whatever they want with it.
This is quite a dangerous thing to play with as once hackers start handling your private data they could use it to create a false lock screen on your phone. Every time you think you are simply swiping to unlock your phone, you could actually be authorizing a payment.
Moreover, attackers could also upload on your phone their personal fingerprints, because phones do not keep track of the number of prints used.
According to experts, the flaws were discovered in smart phones running on Android 5.0 and lower. Phones who have been updated to the latest version of Android Lollipop, 5.1.1 should be safe from such attacks.
But this hasn’t been the first time hackers have been playing with the finger print ID.
Last year, attackers found a way to trick the touch sensor of a Galaxy S5 by taking a picture of a finger print that was left on the screen of the device. From that print they managed to recreate a mould and make a false finger print of that person.
Another similar case happened in 2013, when hackers took a picture of a finger print left on a glass to help them unlock a phone.
Samsung stated that security is a very important issue for them and their have started an investigation on the matter.
The IOS touch ID system which can be found on the iPhone 5S and 6 is based on a similar concept of sending sensitive information to a secure zone, but no hacker has yet succeeded into breaking it. However, Apple’s sensor has too an Achile’s heel. The sensor can be fouled by recreating a false finger print on a laminated sheet.
Image Source: jailbreak modo