Flaw in the Fingerprint Scanner on Samsung Galaxy S5 may lead to hacking of your phone
People were very thrilled when Samsung had announced that Galaxy S5 would be the first model from the company’s S series to have a fingerprint scanner. However, it turns out that the fingerprint scanner inside Samsung’s previous flagship houses a very threatening glitch.
Hope you still use the good old, traditional way of keying in password to access your mobile and never used the fingerprint scanner to unlock your phone. You may want to ask why.
The Forbes reports stated that the researchers at FireEye, a security firm have found a very serious security defect hidden inside the Galaxy S5’s fingerprint scanner. This has the potential to allow hackers to copy your fingerprints and use them for their own vicious intents.
According to the researchers, if the hackers managed to get into the Android kernel, they would be directly able to read the fingerprint sensor details.
In other words, in order to get the confidential data, the malware only needs to gain system-level access to the Galaxy S5.
The fingerprint matches are usually kept in a so-called “trusted zone” on the smartphone. However, if you use the technique mentioned above, a hacker can still get access to the private details without accessing this particular area anymore.
The hacker can access the fingerprint every time when the user merely touches the fingerprint scanner. Once the hacker gets the data, he can use it to generate the fingerprint from it.
The security researchers explain that the Galaxy S5 defect lies in the older versions of Android, up to and including Android 4.4.
However, users having Android 5.0 or above will not be exposed to the same danger. Also, Samsung has started rolling out the Android 5.0 update for its Galaxy S5 handset in several regions of the world. Experts advise you to upgrade your software if you have not done it yet.
The researchers are yet to find out if the susceptibility has effects on other handsets with built-in fingerprint scanner, but the problem is believed to be quite extensive.
Samsung has supposedly been made aware of the issue and is currently fact-finding FireEye’s claims. The South Korean tech to smartphone giant is working on providing a patch to remove the susceptibility according to sources.