1. Download our Official Android App: Forums for Android!

General Hackers can get past fingerprint scanners in 15 minutes

Discussion in 'Android Devices' started by Rebel1860, Mar 11, 2016.

  1. Rebel1860

    Rebel1860 Newbie
    Thread Starter
    Rank:
    None
    Points:
    26
    Posts:
    12
    Joined:
    Mar 6, 2016

    Mar 6, 2016
    12
    3
    26
    Male

    Advertisement

    psionandy likes this.
  2. psionandy

    Moderator
    Rank:
     #19
    Points:
    1,138
    Posts:
    5,863
    Joined:
    Dec 5, 2009

    Dec 5, 2009
    5,863
    8,727
    1,138
    Male
    Gizmonic Institute - mug in a yellow jumpsuit
    liverpool
    Also discussed in this week's security now podcast... On the twit network..
     
    mikedt and Rebel1860 like this.
  3. Rebel1860

    Rebel1860 Newbie
    Thread Starter
    Rank:
    None
    Points:
    26
    Posts:
    12
    Joined:
    Mar 6, 2016

    Mar 6, 2016
    12
    3
    26
    Male
    I would NOT register my fingerprint on my phone just for this reason. Where is it stored? On Google servers? If they get hacked & someone manages to get my print & use it for whatever, I'll pass. I'm not hip on the Samsung Pay thing either. I over protective.
     
  4. mikedt

    mikedt 你好
    Rank:
     #5
    Points:
    3,238
    Posts:
    27,301
    Joined:
    Sep 22, 2010

    Sep 22, 2010
    27,301
    16,717
    3,238
    Teachaaa
    Jinan, China
    Wasn't this discussed before, like it had to be an actually live finger with blood flowing to activate the fingerprint scanner.

    Apparently a fingerprint from a severed dead finger won't work, but printed ones on glossy paper will?
    th.jpg
     
  5. psionandy

    Moderator
    Rank:
     #19
    Points:
    1,138
    Posts:
    5,863
    Joined:
    Dec 5, 2009

    Dec 5, 2009
    5,863
    8,727
    1,138
    Male
    Gizmonic Institute - mug in a yellow jumpsuit
    liverpool
    Ahh... Last time is was gummy bears that was the way to do it... This time it's a really clever way of using some custom circuit board printing software, metallic ink and an ink jet printer.

    It gives you a fingerprint and the variable capacitance to fools the sensor... Blood flow doesn't seem to be required
     
  6. psionandy

    Moderator
    Rank:
     #19
    Points:
    1,138
    Posts:
    5,863
    Joined:
    Dec 5, 2009

    Dec 5, 2009
    5,863
    8,727
    1,138
    Male
    Gizmonic Institute - mug in a yellow jumpsuit
    liverpool
    Isn't it stored securely on the device.. And never leaves it. The fingerprint (or more accurately the hash/signature that is generated from it) is verified on the device itself and then that is used to send the required token to Google if required.

    I agree though changing all your fingerprints after a hack is a painful process.. And I'm not doing that again....
     

Samsung Galaxy S7

The Samsung Galaxy S7 was launched in 2016 and was one of two devices in the lineup. The device features a 5.1-inch display with a resolution of 2560 x 1440, 4GB of RAM, 32GB of storage, and a 12MP rear camera.

Share This Page

Loading...