security

I’m a security expert – all Android users need to edit settings now before common feature leaves you with c… – The US Sun


SECURITY researchers have claimed Android fingerprint security isn’t that reliable.

If you use your fingerprint as your passcode, you may want to take note of a recent study that claims brute force can hack most Android phones with fingerprint protection.

Fingerprint protection on Android isn’t as safe as previously thought, according to two security expertsCredit: Getty

Chinese researchers, Yu Chen and Yiling He, conducted the study.

The experts tested their attack method on ten off-the-shelf smartphones and found it was effective on all of them.

They wrote: “The unprecedented threat needs to be settled in cooperation of both smartphone and fingerprint sensor manufacturers.”

Fingerprint-locked iPhones were also experimented on but with less success than Androids.

The researchers wrote that their “fingerprint bruteforce attack is validated on all devices except iPhone, where the shortest time to unlock the smartphone without prior knowledge about the victim is estimated at 40 minutes.”

Security experts Chen and He based their attack on a single flaw in Android’s fingerprint sensors.

The smartphones they tested didn’t encrypt the communication between the sensor and the system of the phone.

This means the communication channel could be hacked.

The attack involved attaching another device to the smartphone and sending messages that pretended to be the fingerprint sensor telling the Android to unlock.

Chen and He have called the attack method BrutePrint, and it still involves a fingerprint database, special equipment, software, and AI.

It also requires many hours and, without knowledge of the person that the phone was stolen from, it could take even longer.

Readers Also Like:  Microsoft Teams innovations for manufacturing at Hannover Messe ... - Microsoft

The attack method may be sophisticated, but if your phone got stolen and a cybercriminal used this technique, it could turn into a costly nightmare for you.

Not only would the hacker have your phone but they may be able to access your accounts as well as personal and financial information.

The attack isn’t very likely but to stay safe you can always add a longer numerical passkey to your phone.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.