FB pixel

A new OnePlus 7 biometric exploit to worry about

 

Fingerprint-Identification

The fingerprint biometric component on Android OnePlus 7s is presenting another security headache for the phones’ makers.

An article from security news publisher Trusted Review reports that researchers discovered a fairly esoteric way to convince the Google Android model to give up fingerprints and get user privileges.

The exploit has been fixed, but it is not known how many, if any, fingerprints were snared before that happened.

Synopsys’ Cybersecurity Research Center, or CyRC, researchers found the problem. According to the Trusted Review story, they got access to raw images of fingerprints via the rich execution environment (REE) even though images should have been securely stowed in the trusted execution environment (TEE).

It was a complex process, which means that only determined and experienced hackers would have known to look for — much less succeeded — with it. Little solace, but still.

A year ago, a video was posted showing a much less sophisticated way of faking a fingerprint to access a OnePlus 7 Pro. Elmer’s glue and aluminum foil were employed to create a print capable of opening a phone as fast as does a legitimate fingerprint.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Biometric sensors for road safety launched by Infineon, Rheinmetall Dermalog

Infineon Technologies and Rheinmetall Dermalog Sensortec have each introduced biometric identification and authentication tools, one based on fingerprints and other…

 

New tools, Authenticate presentations coax hesitant businesses to adopt passkeys

The FIDO Alliance has launched a pair of tools at its Authenticate 2024 event online and in Carlsbad, California, Passkey…

 

How to get passkeys working for a billion Microsoft users and beyond

The FIDO Alliance has kicked off the Authenticate 2024 conference with a campaign urging people to “free yourself with passkeys,”…

 

French regulator releases technical reference on age verification for porn

France’s Regulatory Authority for Audiovisual and Digital Communication, Arcom, has published its Technical Reference on Age Verification for the Protection…

 

EU’s EES delay welcomed as an opportunity to test biometric efficiency

The implementation of the European Union’s biometric Entry/Exit System (EES), designed to tighten border security and streamline the tracking of…

 

De La Rue exits authentication business with $393M acquisition by Crane NXT

Crane NXT, a micro-optics and security systems manufacturer based in the United States, has announced the acquisition of De La…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events