German security researchers have managed to hack the fingerprint sensor of the new Samsung Galaxy S5 smartphone within just four days of launch.

In order to hack into the device the team from security firm SRLabs took a camera phone photo of a fingerprint found on the Galaxy S5, created a PCB mould of the print, and swiped that mould down the scanner. The whole scheme cost just £150.

Gaining access to the phone through the fingerprint scanner not only allows the hacker to access all the details on the phone, but also make payments with apps like PayPal which rely on the scanner for authentication, which is far more concerning.

PayPal have said that the fingerprint unlocks a secure cryptographic key which acts as a password for the PayPal Android app, and if a user loses their phone, they can simply de-authenticate this key remotely and create a new one, to make sure hackers do not gain control of you account.

Whilst fingerprint scanners superficially appear to offer improved security for devices likes smartphones, most have been cracked very quickly, with the latest Apple iPhone scanner hacked within 48hours of launch and for an even lower cost.


Comments are closed.