![]() ![]() The threat to both Samsung and Apple users seems to be largely theoretical, however. ![]() "This gives a would-be attacked an even greater incentive to learn the simple skill of spoofing fingerprints," said SRE's researcher, pointing out that they could use the Paypal implementation to send large sums of money while using the fake fingerprint as verification. Once locked out, the user has to enter a password or code to access the phone.Īpple also only links its Touch ID system to unlocking the phone or its App Store, though once a phone is unlocked any app is accessible.īut Samsung offers fingerprint authentication to unlock the phone, for Paypal payments, and to secure folders on the phone. ![]() Other manufacturers including HTC and Motorola have offered fingerprint unlocking, but with little takeup.Īpple's implementation, called Touch ID, locks out the user after three attempts, if the phone has been turned off, if more than 48 hours have passed since the phone was unlocked, or to change or remove the Touch ID setting. The group specifically highlights the absence of a "lock out" function compared with the iPhone 5S, the only other mass-market phone offering fingerprint authentication. "They do not seem to have learned from what what others have done… while biometrics will always carry with them the trade of security for convenience, it is the manufactures responsibility to implement them in a way that does not put their users crucial data and payment accounts at risk." "Samsung's implementation of fingerprint authentication leaves much to be desired," the researcher from SRE said. But the researchers pointed to what they said are "additional concerns" about Samsung's security system compared with the iPhone's, because a would-be hacker can make an unlimited number of attempts at spoofing the fingerprint, and because it can be linked to payment systems such as PayPal - which could then be used to wire money to the attacker's account. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |