Hackers could steal your fingerprints from your Android device

A recent talk at the annual Black Hat Security Conference has revealed that the Android fingerprint framework, which uses our biometrics to unlock our devices, could be susceptible to attacks by hackers.

Not only would the security of our devices be compromised, but one of the potential hacks could even bypass fingerprint authentication for payment services such as Android Pay.

Perhaps most worrying of all security researchers Tao Wei and Yulong Zhang, who hosted the talk, demonstrated that hackers could even steal your fingerprint data, with the HTC One Max and Samsung Galaxy S5 apparently being vulnerable to this.

Apple Pay keeps the hackers away

While this is certainly cause for concern for Android users, Apple fans can breathe a sigh of relief, as it appears that the iPhone and iPad’s Touch ID biometric technology is far more secure.

This is because your details are encrypted with a key that locks down your information, making it unobtainable even if hackers gain access.

The good news is that this should be a relatively easy fix, as by adding encryption to the fingerprint data on Android devices will keep the information secure from hackers.

Manufacturers are aware of the flaw and have already begun updating their software to eliminate the problem.

It’s worth noting that Android doesn’t officially support fingerprints yet, but it will do with the Android M update. This means any potential blame lies at the feet of the manufacturers for now, and we have reached out to a number of them to find out what they are doing about this security issue.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s