With the recent global launch of the Samsung Galaxy S6, there are many headline news stories naturally surrounding the Galaxy S6. Today, however, there is a bit of extremely important news surfacing regarding the Galaxy S5. Researches from the security firm FireEye have brought to light some troubling information about the way the software on the Galaxy S5 handles your biometric information, that is your fingerprint. At this week’s RSA conference the researches plan to discuss this fatal flaw found in Samsung’s software present on the Galaxy S5, and just how users’ digital fingerprints are vulnerable.
According to FireEye researchers, the fingerprint data is not stolen from where it is stored in the system. Hackers would be capable of breaking into the system to steal actual stored fingerprints when given the ability to run applications with root privileges. However, the method specifically discovered at FireEye involves hijacking the fingerprint data as it is directly read from the sensor. What makes this so dangerous is that with this method the malware only needs system level privileges, rather than full root access. This is much easier for hackers to achieve because their malware does not even need to be successful at breaking to the system’s “trusted zone,” according to Wei and Zhang at FireEye.
“If the attacker can break the kernel [the core of the Android operating system], although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time. Every time you touch the fingerprint sensor, the attacker can steal your fingerprint,” Zhang stated in an interview. “You can get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want.” What makes this so potentially dangerous is the fact that a digital image containing users’ fingerprints can be generated to be used for whatever malicious activities hackers can take advantage of. Wei and Zhang from FireEye attempted to contact Samsung with no response. Luckily, the exploit only exists in Android KitKat. This means that users who actively go into their phones’ settings to complete a system update to the latest Android version 5.0 Lollipop will be safe from this form of attack.