Samsung Galaxy S5 vulnerability leaves fingerprint ID exposed
Thu 23 Apr 2015
A flaw has been discovered in the Samsung Galaxy S5, which made it possible for hackers to take copies of fingerprints used to unlock the smartphone.
According to security research firm FireEye, the bug would have allowed hackers to steal sensitive and personal data stored on the phone. The researchers suggested that other phones running on the Android platform with Fingerprint ID systems may also be at risk.
In a statement Samsung said that it would be taking the claims “very seriously” and that it was currently looking into the research findings.
Fingerprint ID is growing in popularity as a smartphone unlock feature and even for mobile payment transactions. Paypal and Apple have already started accepting fingerprints to authorise transactions, while other companies are working to develop ways to use the technology to reduce the need for password authentication.
As a security measure, Android systems typically store sensitive information such as fingerprint data in separate memory called the Trusted Zone. However, researchers Yulong Zhang and Tao Wei have found that they were able to capture this ID data before it was transferred to the safe zone. This process was found to be possible on all Android phones operating version 5.0 and below, should the hacker have direct access to the phone.
The research duo discovered that with Samsung Galaxy S5 models, a cybercriminal would not require this high level of access – instead an attacker only needed access to the phone’s memory to grab the fingerprint information.
In addition, they found that with this data hackers could create a forged lock screen to make the targets think that they were unlocking their phone when they were actually authorising a payment.
Zhang and Wei also discovered that it would have been possible for an attacker to upload their own fingerprint information as Android was not keeping track of how many fingerprint IDs were being stored on each smartphone.
Tom Armstrong, UK Manager at Dashlane, the online password manager and digital wallet, commented: “On paper, biometrics seems like a great way to secure a device because there’s the assumption that fingerprints can’t be stolen. The Samsung Galaxy S5 leak is case in point that this is not true. It can be hacked and the issue is there is no going back – you can’t replace your stolen iris, or in this case, fingerprint…”
The FireEye researchers are expected to present their findings in more detail at the RSA security conference in San Francisco tomorrow.
