Security at its finest

Samsung’s new fingerprint scanner easily spoofed




glam_galaxy-s5_groupThat fancy fingerprint scanner in your new Samsung Galaxy S5? Turns out, it’s easily spoofed from nothing more than a photograph of your fingerprint.

A German security team, Security Research Labs, was easily able to spoof the system due to the way it’s implemented in other devices which makes it a higher risk. The video, embedded after the break, not only shows the team gaining access to the device by using a fake fingerprint but it also shows them gaining access to PayPal which also supports the new sensor and is just as easily faked out as the rest of the phone.

Interestingly, Ars Technica reports that this spoofing method doesn’t work against Apple’s Touch ID system but does work on the S5. Given that the team acquired the fingerprint simply by taking a photo of a fingerprint left on a screen, it’s very easy to replicate this attack and gain access to everything, especially when you consider just how many smudges are often left on a phone screen.

The video showing off this spoofing attack is embedded after the break.
Source: Ars Technica


[youtube https://www.youtube.com/watch?v=sfhLZZWBn5Q]