Samsung Galaxy S5 Fingerprint feature promises an extra layer of security for your smartphone, which also lets you make payments through PayPal. But does it really secure?
Just three days after the launch of the Galaxy S5, Security researchers have successfully managed to hack Galaxy S5 Fingerprint sensor using a similar method that was used to spoof the Touch ID sensor on the iPhone 5S last year.
FOOLING FINGERPRINT SENSOR
SRLabs researchers recently uploaded a YouTube video, demonstrated how they were able to bypass the fingerprint authentication mechanism to gain unauthorized access just by using a lifted fingerprint with _wood-glue _based dummy finger.
The S5 fingerprint scanner allows multiple incorrect attempts without requiring a password, so an attacker could potentially keep trying multiple spoofed fingerprints until the correct match.
PAYPAL USERS AT RISK
Samsung Galaxy S5 users can also transfer money to other PayPal users just by swiping their finger on the sensor, but this hack now allows hackers to access your PayPal account and linked bank accounts without ever having to enter a password.
In addition, If you restart your Apple’s iPhone 5S, it requires you to enter a passcode, before you can use your fingerprint as a way to unlock the phone, but Samsung has no such security method in place at this time.
No doubt, one need to have physical access of your device in order to exploit this flaw, so if your phone is stolen, a thief can access anything on your device.
Hack once again showed that unlocking a device with Fingerprint is convenient, but not secure that the passcode security.