Samsung Galaxy biometric software hacked, overshadowing strong ultrasonic sensor performance

A hacker group has stolen biometric authentication algorithms from Samsung and leaked them, among roughly 200GB of compressed source code for its mobile devices data stolen, according to Tom’s Hardware.

The group claiming credit for the hack, known as ‘Lapsus$,’ was also behind a hack on Nvidia in late-February, and says it was able to exfiltrate Knox authentication code, bootloader code for all of Samsung’s recently-released mobile devices, Trusted Applet source code, and code for Samsung services and accounts, in addition to the biometric software. The biometric unlock code includes the code that communicates directly with the sensor, according to posts shared on Twitter.

Tom’s Hardware notes that one in every five smartphones sold around the world is a Samsung Galaxy device.

The hackers are sharing the Samsung code in three tranches over BitTorrent, having purportedly delayed a threatened leak of Nvidia code due to a potential buyer.

Samsung has confirmed the veracity of the hack, but says no personal data has been stolen.

At least the ultrasonic fingerprint biometric sensor works well

The launch of the new Samsung Galaxy S22 last month has been overshadowed by the breach, but early reviews like that published by Chrome Unboxed suggest the in-display ultrasonic fingerprint sensor implemented in the flagship smartphone is a hit.

Reviewer and self-confessed Pixel enthusiast Robby Payne says the fingerprint sensor’s performance far outstrips that of the Pixel 6, which features an optical biometric sensor.

Ultrasonic fingerprint sensors from Qualcomm were originally built into the Samsung Galaxy S10 series, but the company considered pulling back on the technology following poor reviews. Since then, Qualcomm partnered with Precise Biometrics to upgrade its sensors’ biometric software.

Chrome Unboxed notes that both ultrasonic and optical in-display fingerprint sensors were found to be relatively slow and inaccurate by the standards of 2019, but both technologies appear to have advanced considerably, and most Android smartphones today feature optical fingerprint sensors. The new generation in the Samsung Galaxy S22 is the fourth integrated by the tech giant, and the review compares its performance to surface-mounted capacitive biometric sensors. A single short tap with the new ultrasonic sensor is consistently sufficient to capture the user’s fingerprint biometrics and unlock the device, Payne writes.

Article Topics

algorithms  |  authentication  |  biometric software  |  biometrics  |  fingerprint sensors  |  hacking  |  Samsung  |  smartphones