FB pixel

A new OnePlus 7 biometric exploit to worry about

 

Fingerprint-Identification

The fingerprint biometric component on Android OnePlus 7s is presenting another security headache for the phones’ makers.

An article from security news publisher Trusted Review reports that researchers discovered a fairly esoteric way to convince the Google Android model to give up fingerprints and get user privileges.

The exploit has been fixed, but it is not known how many, if any, fingerprints were snared before that happened.

Synopsys’ Cybersecurity Research Center, or CyRC, researchers found the problem. According to the Trusted Review story, they got access to raw images of fingerprints via the rich execution environment (REE) even though images should have been securely stowed in the trusted execution environment (TEE).

It was a complex process, which means that only determined and experienced hackers would have known to look for — much less succeeded — with it. Little solace, but still.

A year ago, a video was posted showing a much less sophisticated way of faking a fingerprint to access a OnePlus 7 Pro. Elmer’s glue and aluminum foil were employed to create a print capable of opening a phone as fast as does a legitimate fingerprint.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Research

Biometrics White Papers

Biometrics Events

Explaining Biometrics