Samsung Galaxy S5 fingerprint sensor reportedly vulnerable to hacks

According to Berlin-based SR Labs, Samsung’s implementation of its Synaptics-based fingerprint sensor “leaves much to be desired.”

Last October, SR Labs reproduced a finger imprint using high-resolution sensors, a piece of glass, and a ceramic mould. While such a reproduction would be time-consuming and expensive, Apple’s implementation was given some credit for forcing users to intermittently enter a password to continue using Touch ID for authentication. Samsung, on the other hand, allows for “seemingly infinite authentication attempts,” even in apps like PayPal, with which the Korean OEM partnered for payments.

PayPal has released a statement saying that because the payment authentication uses a crytographic key, which relies on a user’s password, in addition to the fingerprint itself, for authentication, the company can remotely de-activate fingerprint activation from the app if the device is stolen.

SR Labs impresses upon Samsung to be more vigilant with its fingerprint sensor implementation, as it leaves devices more open to spoofing than any other currently on the market.[signoff predefined=”Enjoy this?” icon=”icon-users”][/signoff]

Via