Discussion in 'Android Devices' started by Rebel1860, Mar 11, 2016.
Also discussed in this week's security now podcast... On the twit network..
I would NOT register my fingerprint on my phone just for this reason. Where is it stored? On Google servers? If they get hacked & someone manages to get my print & use it for whatever, I'll pass. I'm not hip on the Samsung Pay thing either. I over protective.
Wasn't this discussed before, like it had to be an actually live finger with blood flowing to activate the fingerprint scanner.
Apparently a fingerprint from a severed dead finger won't work, but printed ones on glossy paper will?
Ahh... Last time is was gummy bears that was the way to do it... This time it's a really clever way of using some custom circuit board printing software, metallic ink and an ink jet printer.
It gives you a fingerprint and the variable capacitance to fools the sensor... Blood flow doesn't seem to be required
Isn't it stored securely on the device.. And never leaves it. The fingerprint (or more accurately the hash/signature that is generated from it) is verified on the device itself and then that is used to send the required token to Google if required.
I agree though changing all your fingerprints after a hack is a painful process.. And I'm not doing that again....