Hackers “can read Galaxy S5 fingerprint data”

PanARMENIAN.Net - A research firm has claimed that fingerprint data can be taken from some Android smartphones, including Samsung's Galaxy S5, Digital Spy reports.

FireEye says that hackers are able to avoid the so-called 'secure zone' where biometric data is handled and copy fingerprints directly from the sensor instead.

Stolen fingerprint copies can then be reconstructed by an attacker and be used however they please.

"If the attacker can break the kernel [the core of the Android operating system], although he cannot access the fingerprint data stored in the trusted zone, he can directly read the fingerprint sensor at any time," FireEye's Yulong Zhang explained to Forbes.

"Every time you touch the fingerprint sensor, the attacker can steal your fingerprint. You can get the data and from the data you can generate the image of your fingerprint. After that you can do whatever you want."

The startling vulnerability only affects some Android smartphones using versions earlier than Lollipop, so users of newer handsets such as the Galaxy S6 are in the clear.

Samsung Galaxy S5 is the only smartphone specifically named by the security firm, but it added: "We only tested a limited number of devices. While we expect the issue is more widespread, we are not sure."

Meanwhile, the South Korean smartphone maker has said it "takes consumer privacy and data security very seriously" and is "currently investigating".