Samsung Galaxy S5 fingerprint reader hacked - it's the iPhone 5s all over again!

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,377



When Samsung unveiled the latest in its Galaxy series of Android smartphones, gadget reviewers focused on the Galaxy S5's fingerprint scanner, a feature that the rival iPhone 5s has done much to popularize.

Samsung's positive buzz over the Galaxy S5 didn't last long - security researchers from SRLabs soon posted a video on YouTube demonstrating how they were able to trick the scanner with a fake fingerprint made of wood glue.

Indeed, the same approach allowed a similar and well-publicised hack of theiPhone 5s Touch ID last year, the researchers from SRLabs said in their video.

To use SRLabs's fake fingerprint, an attacker simply places the wood glue replica over the tip of his finger and swipes as usual over the scanner, which is embedded in the Galaxy S5's home button.

The wood glue is poured into a mold made out of a laser printout created from a photo of the victims's fingerprint.

With the right image contrast and printer settings, the buildup of toner on the printout creates a 3D representation of the fingerprint that is accurate enoughto "cast" a replica that will fool the phone.

According to the researchers, a latent fingerprint left behind by the owner on a stolen phone can be snapped with another phone's camera, giving an image of sufficient quality to print out a usable mold.

"Despite being one of the premium phone's flagship features, Samsung's implementation of fingerprint authentication leaves much to be desired," one of the researchers said in the video.

What's worse, Samsung's implementation is even less secure than Touch ID that Apple unveiled in September 2013, which is ironic given the formerSamsung CEO's contention that "beating Apple is no longer merely an objective, [but] our survival strategy."

Read more: http://nakedsecurity.sophos.com/201...-fingerprint-hacked-iphone-5s-all-over-again/
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top