Wednesday, April 16, 2014

Galaxy S5 fingerprint sensor is also fooled by fake latex prints

When Apple unveiled their TouchID fingerprint sensor on the iPhone 5S, soon it was criticized because it could be fooled by fake latex fingerprints. Now, it's Samsung's latest Galaxy S5 that's also put to the test... and also fails.

Apple wasn't the first company to put a fingerprint reader on a smartphone, but it was the first (I think) to use one that can read your fingerprint without a swiping motion. The one in the Galaxy S5 is also placed in the "home button" but it requires to do the swipe motion. Just like it happened with the iPhone, the process involved in creating a fake fingerprint is more troublesome than most people would be willing to endure - but it's a possibility nonetheless.

In Samsung's case, the risk is compounded by the fact that the system never requires you to enter an additional pin/passcode, like it happens in iOS after a reboot. And because the sensor can be used by 3rd party apps, a fake fingerprint can give you access to apps like PayPal.

It's a "no-win" scenario: in iOS people complain TouchID isn't usable by 3rd party apps; in the Galaxy S5 they complain because it is. Guess we need to accept that fingerprints are just another verification method, that can fail, but is still usable for routine medium-security validation. If you add a second validation layer for truly sensitive things, I think it's more than fine for everyday use.

No comments:

Post a Comment

Related Posts with Thumbnails

Amazon Store