December 23, 2024
Samsung Galaxy S5 Fingerprint Scanner Hacked [Video]

Samsung Galaxy S5 Fingerprint Scanner Hacked [Video]

Posted April 15, 2014 at 7:10pm by iClarified
A new video from SRLabs demonstrates a hack of the Samsung Galaxy S5 fingerprint scanner and details how flaws in the implementation expose users' devices, data, and even bank accounts to thieves or other attackers.

Apple's Touch ID can also be circumvented by using a fake finger; however, Apple has built-in several safeguards to make exploitation more difficult.

"Perhaps most concerning is that Samsung does not seem to have learned from what others have done less poorly. Not only is it possible to spoof the fingerprint authentication even after the device has been turned off, but the implementation allows for seemingly unlimited authentication attempts without ever requiring a password. Incorporation of fingerprint authentication into highly sensitive apps such as Paypal gives a would be attacker an even greater incentive to learn the simple skill of fingerprint spoofing."


The attacker in the video is able to use Paypal's new app to perform any task he wishes including making purchases and unsolicited money transfers from the users Paypal account.

Paypal has responded to the video with the following statement:

---
While we take the findings from Security Research Labs very seriously, we are still confident that fingerprint authentication offers an easier and more secure way to pay on mobile devices than passwords or credit cards. PayPal never stores or even has access to your actual fingerprint with authentication on the Galaxy S5. The scan unlocks a secure cryptographic key that serves as a password replacement for the phone. We can simply deactivate the key from a lost or stolen device, and you can create a new one. PayPal also uses sophisticated fraud and risk management tools to try to prevent fraud before it happens. However, in the rare instances that it does, you are covered by our purchase protection policy.
---

Take a look at the video below...


Read More [via BGR]


Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (21)
You must login or register to add a comment...
AaronL
AaronL - April 17, 2014 at 11:46am
To be honest, only a clever career criminal is going to be capable of something like that. Not a petty thief with average intelligence. I watched the Apple one and was quite an eye opener. Clearly good old fashion ways over convenience gets in the way. There's always someone spoiling things.
CHEESE!!
CHEESE!! - April 17, 2014 at 11:26am
I WANT CHOCOLATE MILK !! -Cheese
johno
johno - April 16, 2014 at 8:10pm
You do realize that apple's touchid was passed the exact same way you cant win as long as people try. watch this video https://www.iclarified.com/34059/hackers-circumvent-apples-touch-id-fingerprint-sensor-using-a-printed-finger-video I'm just saying
gamerscul9870
gamerscul9870 - April 16, 2014 at 8:19pm
Have you forgotten they increased the safeguard of Touch ID and make a higher resolution to make it match perfectly for fingers and not easier on paper like things? https://www.iclarified.com/39955/apple-commits-to-ctias-smartphone-antitheft-effort
johno
johno - April 16, 2014 at 8:09pm
You people do realize that apple's touchid was passed the exact same way you cant win as long as people try. watch this video https://www.iclarified.com/34059/hackers-circumvent-apples-touch-id-fingerprint-sensor-using-a-printed-finger-video I'm just saying
AaronL
AaronL - April 16, 2014 at 11:49am
You'll never win as they will always be people out there trying to steal things physically or electronically. If perhaps an oleophobic coating of sorts was used upon the sensor then it could prevent smudging and traces of your imprint. The answer isn't straightforward obviously.
johnny
johnny - April 16, 2014 at 11:55am
Do you own the iphone. I don't care for both Samsung has unique technic as well as iphone. If iphone created everything. What others can do? If they do something similar doesn't mean stealing. You can say the iphone is leader and they are followers. As samsung is copying better than original.
AaronL
AaronL - April 16, 2014 at 12:42pm
Answer 1: I don't own an iPhone. Answer 2: I own an LG G2. The thieves I was referring to are cyber thieves that exploit weaknesses in security. As for copying, everyone does it to a certain degree.
johnny
johnny - April 16, 2014 at 8:57am
http://techcrunch.com/2014/04/15/samsung-galaxy-s5-fingerprint-sensor/ Watch the second video and see how iphone can be hacked Guys both devices can be hacked so no winners.
0551173206
0551173206 - April 16, 2014 at 12:01pm
0096600
stevenlacross
stevenlacross - April 16, 2014 at 12:59am
You do know that there's no possible way to prevent from this, if you watched how the iphone fingerprint hack was made, you'll see that it's basically a duplicate copy of his finger, and there's no way for a fingerprint scanner to tell the difference. That doesn't mean that Samsung is less of a phone than iphone. They both can be hacked in the same way. Just be careful with which finger your using for the scanner and make sure you don't leave any finger prints that can be used to make a duplicate from. And if someone really wanted to get into your phone, they could just cut off your fingers and try each one till it worked. That's why there needs to be a two factor authenticity on these phones. Something you know and something you have. Your finger and a pass code.
DarkSide
DarkSide - April 16, 2014 at 12:58am
It's funny how the isheep completely ignore the fact that the iPhone 5s can be "hacked" using the same technique.
gamerscul9870
gamerscul9870 - April 16, 2014 at 1:20am
Not as funny how samsheeps missed the point of why iOS is more secure compared to malware Manet android, why else is the robot green?
DarkSide
DarkSide - April 16, 2014 at 11:40pm
I'm up for a good chuckle.. Go ahead and explain malware on android.
Ed
Ed - April 15, 2014 at 11:36pm
How is it possible if only 1 finger is registered and yet he can access it using other finger? Does it mean with only 1 finger registered he can still access it with his other fingers?
John
John - April 15, 2014 at 8:45pm
Not Ea's Logic, but now Samsung's Logic. Well done, great job
gamerscul9870
gamerscul9870 - April 15, 2014 at 8:46pm
Ea?
johnny
johnny - April 15, 2014 at 8:33pm
This piece is a finger print collector. He saved the other finger on it since samsung can save up to 3 finger prints. It is an old game.
gamerscul9870
gamerscul9870 - April 15, 2014 at 8:00pm
Truth hurts on me. I know.
6italia0
6italia0 - April 15, 2014 at 7:59pm
Can anyone else say RE-CALL? Lol
Yucon
Yucon - April 15, 2014 at 7:18pm
Well this is just fantastic. Great job, Samsung.
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Sequoia
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS