Featured Mobileburn Video

Android Fingerprint Scanners Open to Mobile Payment Hacks

News by Luke Jones on Thursday August 06, 2015.

google news · android news · industry news · luke jones

Sponsored links, if any, appear in green.

Google, Android, and all manufacturers could do without more stories about what hackers are able to do on the platform, but yet they keep coming. The Stagefright vulnerability recently put Android in the spotlight as it was found users could control a device by sending a simple corrupted MMS. It has now been found that Android fingerprint scanners allow hackers to take a user?s print, while Apple's TouchID does not.

The find was announced at the annual Black Hat Security Conference where the world's hackers and security experts gather to discuss their latest research. The framework used for Android fingerprint sensors (found on devices by HTC, Huawei, Samsung, and more) is open to several attacks. One of them is the ability to bypass mobile pay systems, probably something Google or Samsung do not want to hear considering Android Pay and Samsung Pay are due to drop soon.

Potentially worse is the fact that hackers are able to take an actual fingerprint from an Android sensor, which could lead to all kinds of mess of course, such as identity theft. Experts at the conference pointed out that the Samsung Galaxy S5 and the HTC One Max had both displayed this vulnerability, but more devices are likely to carry it too.

Apple is probably happy with that news as its TouchID (probably the best scanner on the market regardless) keeps fingerprint data behind an encrypted key that cannot be unlocked if the device is hacked. It would be easy (presumably) for the Android framework to carry similar protocols, and OEM?s are certainly aware of this and many are updating their devices to solve the issues, and some devices have already been fixed.

blog comments powered by Disqus

About the author

Luke Jones
Luke Jones is the Managing Editor at MobileBurn.com and is the person you need to speak to about the content on the site. Luke studied creative writing at degree level before carving out a reputation as a freelance tech writer. He settled here at MobileBurn, where he reviews devices and contributes to the news, as well as overseeing the site's content and direction.

Related Stories