The Samsung Galaxy S5 launched last Friday, several weeks after the official announcement at Mobile World Congress, and so far, it looks to be doing rather well in terms of general sales. However, as with most new mobile releases, it hasn’t managed to escape those blasted teething issues, and the new fingerprint sensor, as revealed by a security company, is susceptible to a rather dangerous hack that can put PayPal accounts at risk.
When the iPhone 5s launched back in September, the Touch ID fingerprint sensor was the main talking point, but while the feature has adjusted rather well to life integrated into the home button of the flagship Apple device, it did suffer one or two early problems.
Samsung’s fingerprint sensor, while different to Touch ID, operates in a similar manner, and thus, it shouldn’t come as too much of a surprise that it too has been beset by early problems. As noted by security outfit SRLabs, the Galaxy S5 can be compromised by creating a “dummy finger,” and within minutes, a copied print could be used by an unscrupulous individual to worm their way into your PayPal account.
This spoofing of the fingerprint sensor, SRLabs continues, leaves Galaxy S5 users in a far more precarious position than iPhone 5s users were, mainly because of the way in which Samsung has implemented its fingerprint tech into the device. While iPhone users need to input a password to verify fingerprint authentication every time a device is rebooted, the Galaxy S5 doesn’t include this extra step, leaving users very susceptible to hacks.
The consensus seems to be, however, that like Apple’s Touch ID, the fingerprint sensor of the Galaxy S5 is very smooth, seamless, and works exactly as purported. However, this issue, which opens the door to uncanny individuals, does not make for particularly happy reading, and with Samsung looking to avoid bad press at all costs – especially given the current circumstances – here’s to hoping that some kind of security patch or update is forthcoming.
In the meantime, SRLabs has provided a video detailing exactly how the fingerprint hack works. Check out the embedded clip below, and be sure to leave your thoughts via the usual channels!
(Source: HeiseSecurity [Google Translate])