Aug 102015
 August 10, 2015  Business

Darren Pauli reports:

Four FireEye researchers have found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max.

The team found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in a open “world readable” folder.

“Any unprivileged processes or apps can steal user’s fingerprints by reading this file,” the team says, adding that the images can be made into clear prints by adding some padding.

Read more on The Register.

Sorry, the comment form is closed at this time.