Hackers can copy your fingerprint data from Android devices

MUMBAI, INDIA: A major security flaw affecting Android devices and users allows hackers to copy your fingerprint data.

Researchers at the annual event Black Hat security conference identified serious security flaws affecting Android devices with finger print sensors.

The fingerprint sensor spying attack–confirmed on the HTC One Max and Samsung Galaxy S5–can remotely harvest fingerprints, allowing a hacker to extract copies of user fingerprint images.

This is possible because device makers don't fully lock down the sensor, and once an attack is in place, fingerprint data on anyone who uses the sensor can be collected, pointed out Researchers Tao Wei and Yulong Zhang.

According to Zhang, "The sensor on some devices is only guarded by the system privilege instead of root, meaning that rooting or jail breaking your phone can leave the user at greater risk."

While the threat is limited mostly to Android devices with fingerprint sensors such as Samsung, HTC, and Huawei devices, he said that the iPhone 5s, 6 and 6 plus are secure, as the Apple devices encrypt fingerprint data from the scanner.

Although Samsung, HTC and Huawei have released patches after being alerted to the threat, researchers warned users to keep devices software regularly updated, and only install apps from reliable sources.