The Samsung Galaxy S5 with its fingerprint sensor based security system may not after all be as secure as it makers would have liked it to be. The revelation was made by a group of researchers at the security company Fire Eye who claim to have devised a manner of making copies of fingerprint from the S5.
Samsung, when contacted by FireEye with the findings haven't made any comment except that they are investigating the matter further.
The issue though isn't just limited to the Galaxy S5 as many other Android devices seem to be equally vulnerable, claimed Tao Wei and Yulong Zhang from FireEye.
Elaborating the way clones of fingerprint can be obtained, Wei and Zhang stated it's relatively simple as hackers will just have to target the fingerprint sensor to accomplish their job. Usually, phone manufacturers rely on the methodology of collecting the data from the fingerprint sensor and storing it in a secured region, which again is tough breaking into.
With the Galaxy S5, running a malware having system level access can do the trick.
"If the attacker can break the kernel [the core of the Android operating system], although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time. Every time you touch the fingerprint sensor, the attacker can steal your fingerprint," Zhang was quoted saying to Forbes.
However, this isn't the first time the Galaxy S5 has been put to scrutiny thanks to its fingerprint scanning technology as a lot of users of the device often complained of having issues with the same. Users need to swipe their fingers on the home button to launch the device though it often ended up as a trial-n-error sort of game.
Such concerns notwithstanding, the use of biometrics seems to be on the rise as Microsoft too is stated to be testing biometric based systems such as fingerprint and/or iris scan on its upcoming Windows 10 that would do away with passwords.
Things though are reported to be far better with the current Samsung flagship, the S6, stated Business Insider. Unlike its predecessor, users just need to touch the home button to unlock their devices, which offers a more definite response each time.