Blog

Android finger print security flaw

Posted by Zighra CTO on May 28,2015

Mobile security researchers have discovered a security flaw in Android that could enable attackers to intercept finger print data, which could be exploited to bypass the phone’s lock code or to authorize payments. 

mobile_security

 Though the affected phone makers have tried to segment and encrypt the information in aseparate secure zone, the flaw enables an attacker to grab the biometric data before it reaches that "Trusted Zone" and even create copies of people’s fingerprints for further attacks.

The flaw exists within Android 5.0 Lollipop and is supposed to be solved by upgrading to Android 5.1.1. However, the usual Android fragmentation issue means that many users won’t have access to the newest version for quite a while.  

Fingerprints and other forms of biometrics are becoming increasingly prevalent as potential alternatives to passwords. For now the question remains on whether OEMs and OS providers are doing enough protect users and raise trust in biometric authentication.

Category: security, Biometric Authentication

Written by Zighra CTO

Zighra Information

Subscribe to Email Updates

Recent Posts