Vulnerability found in Android and HarmonyOS that allows the fingerprint scanner to be bypassed
Miscellaneous / May 23, 2023
iPhones are protected from such attacks.
Chinese researchers discovered that many Android smartphones are vulnerable to attacks that defeat fingerprint protection. The new brute-force attack method is called BrutePrint.
BrutePrint exploits two zero-day vulnerabilities to make the number of fingerprint login attempts unlimited, whereas a smartphone normally asks for a passcode after several unsuccessful attempts.
The exploit was confirmed on six popular Android smartphones, including the Xiaomi Mi 11 Ultra and OnePlus 7 Pro, as well as on the Huawei P40 running HarmonyOS and on iPhones with a fingerprint scanner. On Android and HarmonyOS it yielded an unlimited number of login attempts through the scanner, but on the iPhone the method can only raise the number of attempts to 15 instead of the usual 5, which is not enough for a successful attack.
With unlimited attempts available, a simple device made of two boards and a manipulator feeds fingerprint images from databases to the smartphone. The images are processed so that the smartphone treats them as images from its own scanner and checks them against its stored fingerprints. In some cases, the researchers were even able to manipulate the false-positive cutoff value to speed up the search for a match.
To carry out the attack, an attacker needs physical access to the device as well as fingerprint databases (from open academic sources or biometric data leaks). The equipment required for the exploit is inexpensive: it can be assembled for about $15.
However, the attack also takes a long time: from 2.9 to 13.9 hours if the user has registered only one finger for scanning. The more fingerprints are stored in the smartphone's memory, the faster BrutePrint runs: it can then take less than an hour.
No use of such attack systems has been reported yet. Although most users are unlikely to be the target of such attacks, the technique can be dangerous for stolen devices on which Lost Mode has not been enabled.