Hackers can abuse Galaxy S6 fingerprint tech
According to security researchers, a flaw in Android enables hackers to steal personal information from devices


Security research firm FireEye has revealed the Samsung Galaxy S6's fingerprint scanner is flawed, meaning hackers could steal the personal information stored on the device.
Yulong Zhang and Tao Wei, researchers at the company said personal data could be intercepted before it reaches a secure area on devices, allowing hackers to siphon it off.
The flaw is present in all devices running Android version 5.0 or older if the hacker was able to gain high-level access to a device. However, for those using Samsung Galaxy S5 devices, the issue is even more worrying, because hackers could potentially get fingerprint data by accessing the device's memory.
The research, to be presented at the RSA security conference in San Francisco today, revealed that criminals could create a fake lock screen that would make the user think they are unlocking the device when really they are authorising a payment.
Alternatively, hackers could over-ride the owner's fingerprint data with their own, meaning users are denied access to their own device, but criminals could use it instead for their own means.
All devices running on Android 5.0 and below are open to such attacks, but the update to Android 5.1.1 corrects this issue, FireEye said.
Because the flaw lies in the operating system rather than the device itself, FireEye said other Android-based fingerprint readers could be at risk too.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
In April last year, the Samsung Galaxy S5's fingerprint reader was hacked by another set of security researchers who wanted to demonstrate how easy it was to over-ride the security measure.
Samsung said it takes its customers' security seriously and would investigate into the claims by FireEye.

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.
-
Red Hat and Samsung agree landmark software deal to develop next-gen storage
News The partnership is a first for Samsung as the companies commit to developing memory software designs that can keep up with emerging tech
By Connor Jones
-
The IT Pro Products of the Year 2019: All the year’s best hardware
Best Our favourite equipment from the past 12 months
By ITPro
-
Best business smartphones: The top handsets from Apple, Samsung, Google and more
Best The best business smartphones on the market today packed with work-focused features you need
By Alan Martin
-
Samsung Galaxy S5: Top 16 tips and tricks
Tutorials Get the most out of your Galaxy S5
By Zach Marzouk
-
Samsung Galaxy Tab S3 review
Reviews The best Android tablet around - but it’s still not a match for the iPad
By Adam Shepherd
-
Tablet market falls 15% as low-cost devices lead sales
News Weakened market caused by 'low-cost detachables" sees third-quarter tablet sales fall by 15%
By Dale Walker
-
Apple re-awarded $120m in Samsung spat
News Judge rules in favour of Apple in latest round of patent infringement bout
By Clare Hopping
-
Samsung Galaxy S7/S7 Edge price, features and specs: Samsung Galaxy overtakes Apple iPhone US sales
Rumours Galaxy S7 beats iPhone 6s shipments in American market
By Jane McCallion