HTC filed fingerprint users in the public domain
Makradar Technologies / / December 19, 2019
In 2013, Apple introduced the first iPhone 5s. One of the features of a smartphone has become a biometric fingerprint sensor. Despite the accusations of critics, hack full Touch ID and have not succeeded. You can not say about the developments of competitors.
FireEye research team found that in the HTC One Max smartphone user fingerprint stored in open access on your phone, like a picture. The danger is that the access to this "picture" could get any program, including malware, which on Android is more than enough.
Some manufacturers claim that your prints are protected. In fact, they are in the public domain, without any obstacles for third parties.
In the study, there were reports that threatened not only the HTC users, but also the owners of Samsung smartphones. As it turned out, manufacturers are simply forgotten "screwed" the necessary protection for the ARM-chips, which must be stored and prints. This means that any third-party apps may request access to fingerprint and get necessary file with subsequent transfer of attackers.
The problem is that a fingerprint - it's not a simple password, it can not be changed. This means that if a copy of the fingerprint into a net, modify the data will not succeed: your printout will be made public. In HTC's reported that they have fixed the problem, but from the other comments.
Such situations, Apple and Touch ID has never been - to break into the biometric sensor was required to resort to the creation of a full copy of the fingerprint.