Galaxy S5 Fingerprint Scanner Can Easily Be Hacked
Just some few days ago, the Samsung Galaxy S5 was released in the market, and Samsung did what it does best, break record sales. According to a report from GSM arena, the flagship device managed to set a new record on sales after being released last Friday simultaneously in 125 countries around the world beating its predecessor (the S4) by over 30%, making this the largest-scale launch the Korean company has ever pulled.
The most distinguished feature on the S5 is the fingerprint scanner integrated on the home button. And just after the release, a report from Germany’s Security Research Labs is already out claiming that hackers can easily bypass the fingerprint security.
What the team did is simply create a wood glue spoofed fingerprint from an etched PCB mold using a latent print photographed by an iPhone 4S. With very little effort, the finger print can be easily spoofed to think it is the actual finger print giving the hacker instant access.
Perhaps you may not have very delicate stuff on your phone to make you a tad worried, but remember the S5 integrates with your PayPal account and authentication can be done through the same swiping. The team was able to access a PayPal account, transfer funds and make purchases using this fake fingerprint; a process made easier by the fact you’re allowed unlimited swipe attempts, giving hackers plenty of time to perfect their spoof if it was rejected the first few times.
A PayPal spokesman issued a statement stating “The scan unlocks a secure cryptographic key that serves as a password replacement for the phone,” the statement read in part. “We can simply deactivate the key from a lost or stolen device, and you can create a new one. PayPal also uses sophisticated fraud and risk management tools to try to prevent fraud before it happens. However, in the rare instances that it does, you are covered by our purchase protection policy.”
No comments:
Post a Comment