FB pixel

Touch ID returns for new iPhone SE as OnePlus fingerprint biometric vulnerability found and patched

| Chris Burt
Categories Biometrics News  |  Consumer Electronics  |  Fingerprint Recognition
 

Fingerprint-Identification

Even a deadly pandemic has not prevented Apple from launching a new iPhone, the second-generation iPhone SE, which includes Touch ID fingerprint biometrics integrated with a front-mounted home button instead of Face ID facial recognition.

The new smartphone retails for a suggested $399, and features an A13 Bionic chip, which is used in other iPhones and the company calls the fastest in such a device, and a 4.7-inch Retina HD display, which is among the smallest Apple has released.

There are few differences between the appearance of the iPhone SE and an iPhone 8, the Wall Street Journal writes.

The iPhone SE includes a rear camera with high-quality video capture, according to the company’s announcement, but the Journal reports it has generally more modest camera specifications than higher-end iPhones.

According to the Journal, a new line of iPhones slated for a fall release will feature a new design and 5G connectivity.

OnePlus biometric data vulnerability reported

OnePlus 7 Pro Android phones have a vulnerability which allows an attacker with root privileges to exfiltrate bitmap fingerprint images from the device’s Trusted Execution Environment (TEE), according to a blog post from the Synopsys Cybersecurity Research Center’s (CyRC).

Vulnerability CVE-2020-7958 makes images from the fingerprint sensor of the OnePlus 7, which should only be accessible in the TEE, available from the Rich Execution Environment (REE). The vulnerability has a CVSS 3.0 overall score of 6.6, which places it near the high end of the medium severity rating.

An attacker gaining root privileges in the REE can communicate directly with factory testing APIs exposed by Trusted Applications running in the TEE, CyRC explains, enabling a sequence of commands to expose the biometric data.

OnePlus addressed the vulnerability with the 10.0.3.GM21BA software build, which all users should update their devices to.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Harmonized digital driving license in EU approved as part of driving reform package

The EU is getting closer to a harmonized mobile driver’s license (mDL) with the approval of a provisional deal on…

 

DARPA taps Aptima to bring media forensics to market amid deepfake surge

The Defense Advanced Research Projects Agency (DARPA) has awarded a commercialization contract to Aptima, Inc. that marks a critical inflection…

 

Parsons secures sole source deal to equip U.S. Air Force with biometric kits

The U.S. Air Force Air has issued a notice of intent to award a sole-source contract to Parsons Corporation for…

 

Gov.uk Wallet ‘empowering the market,’ says Kyle, in big win for OSPs

After a tense few weeks, the UK government has released the working principles for the Gov.uk Wallet plan that has…

 

Biometrics integrations, identity intelligence improve financial services onboarding

Major integrations for Fourthline and BioCatch are expanding the reach of their biometric user onboarding and KYC technologies, as financial…

 

Pakistan introduces digital birth, death registration in health facilities

Pakistan has taken a decisive move to streamline birth and death registration by digitizing the process and making services available…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events