Nairobi News

NewsWhat's Hot

Hackers breach phone fingerprint security


Hackers have come up with ways of accessing phones that are locked with fingerprints, security researchers have warned.

The hackers take copies of fingerprints used to unlock the phones and can even use the information to access other secure platforms.

Most of the latest smartphones in the Kenyan market have the fingerprint technology including Samsung, Apple, Huawei and HTC.

The Samsung S6 and the iphone 6 come with the fingerprint technology already installed. Other users download fingerprint apps and install them.

Fingerprint ID systems are used in smartphones to unlock the devices or as a way to check who is authorising a transaction.

But speaking at a conference of internet security experts in Los Angeles at the weekend, Yulong Zhang and Tao Wei from security firm Fire Eye said a flaw in the Android system has enabled hackers access the fingerprint data.

FINGERPRINT LEAKED

“Password leaked? Fine, you can easily replace it with a new one. Fingerprint leaked? Well, it is leaked for the rest of your life.

Moreover, it is associated with your identity record, immigration history,” said the researchers during the presentation at the RSA conference in San Francisco, USA.

Mr Zhang said the flaws they uncovered are likely to be widespread throughout handsets running Android 5.0 and below. Updating to the latest version 5.1.1, should remove the vulnerabilities, he said.

The Samsung S6 comes with Android 5.0.2, a higher version that is not yet susceptible to the hacking.

But Samsung East Africa, which sells the biggest number of android phones in the market, says its fingerprint technology is secure.

“There have been no reports of a breach. That is why Samsung went further to improve this technology by installing a fingerprint reader on the home key and back up technology of mobile payment ,” Business Leader Internet and Mobile East Africa. Mr Simon Kariithi said.

He, however, advises those using the fingerprint technology and have installed a lower version than Android 5.0, to upgrade only one level higher.