myhack58 | Anonymous | MYHACK58:62201994284
History: May 26, 2019 - 12:00 a.m.

Device fingerprinting vulnerability exposed on Android and iOS devices, and it is almost impossible to control! - Vulnerability warning - the black bar safety net

2019-05-26 00:00:00
Anonymous
www.myhack58.com

CVSS3: 3.3 Low
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS2: 2.1 Low
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.0004 Low
Percentile: 10.2%

According to a report by the U.S. technology outlet ZDNet, a new device fingerprinting vulnerability makes it possible to use the detailed sensor calibration information set at the factory to track Android and iOS devices across the Internet, and any app or website can obtain this information without special privileges. In short, Android and iOS devices are exposed to what can be called a sensor calibration attack.
Sensor calibration attack
The new technique is currently referred to as a calibration fingerprinting attack, or SensorID. On iOS it works by using the calibration details of the gyroscope and magnetometer sensors; on Android devices it can use the calibration details of the accelerometer, gyroscope and magnetometer sensors.
What are all these sensors in a phone, and how does a calibration fingerprinting attack come about?
A phone's sensors are components that use chips to sense values such as temperature, brightness and pressure. Many sensors work silently in the background to make our foreground operations more convenient. Put simply, phone sensors are used to sense the phone itself or the world around it. They can be divided into environmental sensors, which perceive the environment, and motion sensors, which detect the phone's motion or posture. The sensors give the phone's system important information that lets the phone adapt to its environment automatically as far as possible.
Because phone sensors are so important, they must be calibrated at the factory: they are embedded in the phone, and once assembly is complete they cannot be readjusted. SensorID works by exploiting the data from this calibration process, which means the attack is rooted at the lowest level of the phone and is very difficult to get rid of!
Because of imperfections in the manufacturing process, sensors coming off the assembly line are usually not very accurate. The device manufacturer calibrates each device by measuring its errors and encoding correction data in the device firmware. In most cases, the calibration data uniquely identifies a smartphone. The researchers' attack lets them infer the calibration data and thereby obtain a fingerprint of the phone.
Power of the attack
According to the team's statement, SensorID has a greater impact on iOS devices than on Android devices, because Apple likes to calibrate iPhone and iPad sensors on its factory production line.
The research team also says the tracking method is more dangerous for Apple devices for another reason: the homogeneity of the devices, together with Apple's tendency to ship high-quality phones with very accurate (calibrated) motion sensors.
However, top-end Android smartphones are also easily affected by this vulnerability. The researchers said that in their tests the attack technique also succeeded in generating sensor calibration fingerprints for Pixel 2 and Pixel 3 devices.
The attack process
The calibration data can be used as a fingerprint to generate a unique identifier, which advertising or analytics companies can use to track users as they browse the Internet.
In addition, because the sensor calibration fingerprint is the same whether it is extracted by an app or by a website, the technique can also be used to track users as they switch between the browser and third-party applications, giving analytics companies a comprehensive view of how the device is used.
The researchers said:
We also tried measuring the sensor data in different positions and at different temperatures, and we confirm that these factors do not change the SensorID.
The sensor calibration fingerprint never changes, even after a factory reset, so a tracking entity can use it as an identifier as constant and unique as the IMEI code. In addition, because no special permissions are needed, users cannot notice this type of tracking.
The researchers notified Apple in August 2018 and Google in December 2018. In March of this year, Apple released iOS 12.2, which fixes the vulnerability (CVE-2019-8541) by adding random noise to the sensor calibration output. This means that from iOS 12.2 onward, iPhones and iPads generate a new fingerprint every time the sensor calibration is queried, which makes this type of user tracking useless.
In addition, to rule out other potential attacks, Apple also removed websites' access to motion sensor data in Mobile Safari.
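A simplified simulation of why the noise fix described above works, added here as an illustration and not taken from the article, the researchers or Apple. It assumes a single-axis sensor whose reading is a per-device gain times an integer ADC value; the gains, function names and noise range are constructed for the example.

```python
import random

# Constructed per-device calibration gains (output units per ADC step).
DEVICE_A_GAIN = 0.0618357
DEVICE_B_GAIN = 0.0605181

def read_sensor(gain, n, rng, noise=False):
    """Return n simulated calibrated readings for one session.

    Assumed model: reading = gain * integer ADC value. With noise=True,
    uniform noise of up to half an ADC step is added before scaling,
    standing in for the random noise the article says iOS 12.2 adds.
    """
    readings = []
    for _ in range(n):
        adc = rng.randint(-200, 200)
        if noise:
            adc += rng.uniform(-0.5, 0.5)
        readings.append(gain * adc)
    return readings

def apparent_step(readings):
    """Smallest spacing between distinct readings, rounded to 6 places.

    If this value is the same in every session, the output stream exposes
    a stable per-device quantity and the mitigation is not in effect.
    """
    values = sorted(set(readings))
    return round(min(b - a for a, b in zip(values, values[1:])), 6)

def compare_sessions(gain, noise, seeds=(1, 2, 3), n=2000):
    """Apparent step for several independent sessions of one device."""
    return [apparent_step(read_sensor(gain, n, random.Random(s), noise))
            for s in seeds]

if __name__ == "__main__":
    print("device A, no noise:", compare_sessions(DEVICE_A_GAIN, False))
    print("device B, no noise:", compare_sessions(DEVICE_B_GAIN, False))
    print("device A, noise   :", compare_sessions(DEVICE_A_GAIN, True))
```

Without noise the three sessions of a device agree with each other and differ between devices; with noise the spacing no longer reflects the device gain.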
Google, however, does not seem to have come up with a solution and only told the researchers that it would investigate. This may be because iOS devices are more vulnerable to this type of tracking than Android smartphones, and a large part of the Android smartphone ecosystem consists of low-cost devices with uncalibrated motion sensors.
For more detailed information about this study, see the report titled "SensorID: Sensor Calibration Fingerprinting for Smartphones", which the researchers published on May 21 at IEEE Security and Privacy 2019.
The report also provides a demo page where users can check whether their device is vulnerable and generate a sensor calibration fingerprint.
Mitigation strategy
The attack is easy to carry out, and without direct intervention from Apple or Google it is almost impossible to stop. The data needed to create the fingerprint is available to every website the device visits and every app it runs. There is no complete protection: beyond visiting the website or using the app, the user does not have to do anything. In most cases, creating a fingerprint takes less than a second after the website is visited or the app is opened.
