BIOMETRIC passwords, where you use your finger print or face to unlock your devices, were designed to make phones more secure.
But cyber experts have reportedly uncovered two Android bugs that lets hackers “brute force” their way into your phone – should they get hold of it.
1
The team of researchers at Tencent Labs and Zhejiang University found two zero-day flaws in Android devices which could be abused to grant hackers an unlimited amount of tries to use the fingerprint scanner, according to a new report.
A zero-day flaw is a cyber gap that is exploited the same day it is discovered.
These vulnerabilities are why Apple introduced its emergency updates earlier this month.
According to the report, hackers could use databases found in academic datasets and biometric data leaks to get access the fingerprints used to hack into devices.
Depending on an Android users settings, this biometric data might be used to get access to Android Pay – or at least one step closer to their banking app.
It should be noted that, while scary, the targets for this kind of attack are not your average joe.
It is more likely to be used by state-sponsored actors and law enforcement agencies to target people of interest, researchers said, instead of the general public.
While hackers are granted an unlimited number of tries to break into Android devices – there is one saving grace.
Most read in Tech
This hack takes a lot of effort and time – enough time for you to realise your phone is missing and erase it remotely.
For a device that only has one fingerprint set up, it can take between three and 14 hours to break in.
While phones with multiple fingerprint recordings take between 40minutes and the best part of three hours.
Luckily, Android has a way to erase its phones remotely – so even if it has been stolen, you can stop people from running off with your data.
This hack can also be replicated on some Apple iOS devices, researchers warned.
However, researchers only managed to get an extra ten attempts on iPhone SE and iPhone 7 models, making it unlikely to pull off a successful attack.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
