Like every law has a loophole, there seem to be problems with gadgetssecurities too. First the hackers went hammer and tongs at passwords and PIN numbers. This prompted Operating Systems to find a way around it. Soon, they came up with a fingerprint-based biometric system. Just when everybody thought they had resolved security issues, the party was spoilt by FireEye, a firm developing security systems for handsets.
How do hackers steal fingerprints related information?
There are different levels in any smartphone. The user-friendly level or user level is the one used by everybody. Hackers could be welcomed in here like Dracula, wittingly or unwittingly, by the user, thanks to mailing systems. Once this access is received, hacker’s program could run at the root level, where the scanned information such as a fingerprint is stored. In fact, the hacker could also collect it from scanner because the scanner is used every time the fingerprint needs to be confirmed. This information could be relayed back to the hacker.
Why are there issues with Samsung Galaxy S5?
Zhang and Wei from FireEye mentioned Samsung Galaxy S5 specifically because this device does not store the sensitive data at the root level, which is the most secure level. Instead it stores it at the system level, making it easier for a hacker to collect such confidential information. But Zhang and Wei added that the problem was not unique to Samsung’s device. Almost all Android devices prior to Android Lollipop 5.0 were at risk.
Passwords have been an issue but apparently, they were safer. Since devices with Android Lollipop do not exhibit such flaw as yet, upgrading the software may be necessary for all Android handsets. But similar protection is needed even in iOS.