Samsung Galaxy S5 and other ‘unnamed Android devices’ could leak user fingerprints to hackers that can clone them. According to security experts at FireEye, although Samsung implements encryption mechanism to protect user fingerprints archived on the mobile phone, an attacker can steal them just before they are encrypted. Smartphones acquire the user fingerprints in order to authenticate it, the scanned print is then compared against a copy held by the ARM TrustZone technology. When the user presses his finger against the device, the TrustZone code accesses the sensor, checks the scanned print and then provide the result of the comparison back to the OS. The TrustZone code is the unique one that could read data from the sensor. The attacker can then steal the fingerprints, clone and use them impersonate the victim against other authentication services that use his fingerprints.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street