The Black Hat Security Conference 2015 in Las Vegas to leave you feeling exposed and vulnerable. Two researchers Tao Wei and Zhang Yulong from FireEye have revealed major vulnerabilities to attack on Android devices Data . The name “fingerprint sensor Spying Attack”, that allows them to lift prints in a large scale.
Researchers found the attack viable on both the HTC One Max and the Samsung Galaxy S5. The attack allows a hacker to steal unnoticed an image of a fingerprint of affected devices because manufacturers do not fully protect the sensor.
Android has quite severe flaws in this level. Obviously, because you doubted in Android is not really sure. “This attack, the fingerprints of the victims fall right into the hands of the attackers,” said Zhang. “For the rest of the life of the victim, the attacker can use the fingerprint data for its own purposes.”
Android is more Vulnerable than iOS on this Point
It still remains an open question: are they really secure as we think? Unfortunately for us, it seems that this is not the case. It is no secret to people, but these drives have considerably democratized over the last few years.
Hackers have actually found several security flaws on these drives. And be careful because these vulnerabilities are far from harmless. Do not even say anything because our hackers have managed to override the controls in place for the validation of payments by fingerprint.
Yes, Two experts in security FireEye, Tao Wai and Zhang Yulong, have also managed to steal a user’s fingerprint by taking control of the remote drive. You can imagine the impact. An impression is not as flexible as a password and it is currently impossible to change it.
There is an interesting detail, however. All platforms are not on a level playing field security issue. Now all the devices are not vulnerable to the same level. The Touch Apple ID would be safer that readers of the Samsung Galaxy S5 and HTC One Max are in a logical sense. Nevertheless, these findings should give pleasure to all those who do not believe in mobile payment.
Researchers advised to use only regularly updated Android devices with fingerprint scanners. In addition, users should only install apps from trusted sources – a Council, which applies to all mobile devices.