FB pixel

Touch ID returns for new iPhone SE as OnePlus fingerprint biometric vulnerability found and patched

| Chris Burt
Categories Biometrics News  |  Consumer Electronics  |  Fingerprint Recognition
 

Fingerprint-Identification

Even a deadly pandemic has not prevented Apple from launching a new iPhone, the second-generation iPhone SE, which includes Touch ID fingerprint biometrics integrated with a front-mounted home button instead of Face ID facial recognition.

The new smartphone retails for a suggested $399, and features an A13 Bionic chip, which is used in other iPhones and the company calls the fastest in such a device, and a 4.7-inch Retina HD display, which is among the smallest Apple has released.

There are few differences between the appearance of the iPhone SE and an iPhone 8, the Wall Street Journal writes.

The iPhone SE includes a rear camera with high-quality video capture, according to the company’s announcement, but the Journal reports it has generally more modest camera specifications than higher-end iPhones.

According to the Journal, a new line of iPhones slated for a fall release will feature a new design and 5G connectivity.

OnePlus biometric data vulnerability reported

OnePlus 7 Pro Android phones have a vulnerability which allows an attacker with root privileges to exfiltrate bitmap fingerprint images from the device’s Trusted Execution Environment (TEE), according to a blog post from the Synopsys Cybersecurity Research Center’s (CyRC).

Vulnerability CVE-2020-7958 makes images from the fingerprint sensor of the OnePlus 7, which should only be accessible in the TEE, available from the Rich Execution Environment (REE). The vulnerability has a CVSS 3.0 overall score of 6.6, which places it near the high end of the medium severity rating.

An attacker gaining root privileges in the REE can communicate directly with factory testing APIs exposed by Trusted Applications running in the TEE, CyRC explains, enabling a sequence of commands to expose the biometric data.

OnePlus addressed the vulnerability with the 10.0.3.GM21BA software build, which all users should update their devices to.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Identy pushes on-device biometrics to combat Nigeria’s banking fraud surge

Nigeria’s banking sector is increasingly turning toward biometric authentication as financial institutions face persistent fraud, SIM swap attacks and account…

 

One UK digital identity system runs into the politics of Ireland, Scotland, Wales

It can be easy to think of the UK as one unified country but when local elections occur, the reality…

 

Disney hit with class action over facial recognition at California parks 

Disney is facing a proposed class action alleging the company illegally collected visitors’ biometric data through facial recognition systems at…

 

Oklahoma lawsuit says Roblox safety failures were ‘intentional’ despite age checks 

Oklahoma is the latest state to take legal action against Roblox, which is facing a wave of lawsuits in the…

 

US demand for biometric access complicates EU visa waiver talks

European Union (EU) officials are negotiating a new border security framework with the United States that could give American authorities…

 

Thomson Reuters and Socure partner on AI-driven fraud prevention

Thomson Reuters is moving deeper into digital identity verification and fraud prevention through a new partnership with Socure, tying together…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events