FB pixel

A new OnePlus 7 biometric exploit to worry about

 

Fingerprint-Identification

The fingerprint biometric component on Android OnePlus 7s is presenting another security headache for the phones’ makers.

An article from security news publisher Trusted Review reports that researchers discovered a fairly esoteric way to convince the Google Android model to give up fingerprints and get user privileges.

The exploit has been fixed, but it is not known how many, if any, fingerprints were snared before that happened.

Synopsys’ Cybersecurity Research Center, or CyRC, researchers found the problem. According to the Trusted Review story, they got access to raw images of fingerprints via the rich execution environment (REE) even though images should have been securely stowed in the trusted execution environment (TEE).

It was a complex process, which means that only determined and experienced hackers would have known to look for — much less succeeded — with it. Little solace, but still.

A year ago, a video was posted showing a much less sophisticated way of faking a fingerprint to access a OnePlus 7 Pro. Elmer’s glue and aluminum foil were employed to create a print capable of opening a phone as fast as does a legitimate fingerprint.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Asian banks deploy biometrics and digital ID for security, additional services

As digital identity gains prominence in a financial industry beset by fraud, nations in Asia are enabling banks to lead…

 

Mobile ID combats fraud, gives holder control of personal data: USPF report

The U.S. Payments Forum (USPF) has published a new white paper entitled “The Role of Mobile IDs in Payments.” Authored…

 

Wyoming plots mobile driver’s license launch for 2025

Wyoming is moving towards the issuance of digital ID in the form of an optional mobile driver’s license, but it…

 

EU publishes rollout schedule for AI Act

The European Union has published the final text of the Artificial Intelligence Act, outlining the most important deadlines for complying…

 

World Bank identifies priority actions for DPI in Equatorial Guinea

A World Bank team has identified immediate actions which the government of Equatorial Guinea should undertake in ramping up its…

 

Some sort of ID could be ‘inevitable’ for UK: lawmakers

The UK is still debating national identity documents and digital identities, with lawmakers and experts arguing that the creation of…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events