Galaxy S5 fingerprint scanner hacked

Hasil tiruan pasti akan mendapatkan masalah yang serupa dengan benda yang ditiru, bukan? Kalau dulu sensor fingerprint pada iPhone 5s bisa dikelabui dengan trik “kulit buatan”, maka Galaxy S5 pun demikian.

Dilaporkan dari BGR:

As noted by German-language security blog H Security, SRLabs has posted video evidence that the fingerprint scanner on Samsung’s Galaxy S5 can easily be spoofed using a lifted print. In mere minutes, the group was able to create a “dummy finger” using an actual fingerprint to gain unauthorized access to the phone.


Yang jadi permasalahan adalah, Samsung dengan berani mengijinkan pihak ketiga mengakses fingerprint scannernya (dalam rangka untuk menjadi selangkah di depan Apple) tetapi mereka belum bisa benar-benar meniru mekanisme keamanan pada Touch ID, kecuali, sisi keamanan ada di bagian bawah pada daftar prioritas mereka:

With Apple’s Touch ID system, users are required to input their password one time before using a fingerprint for authentication. The password must be used again once each time the device is rebooted. This extra step seems annoying, but it prevents the very spoof achieved by SRLabs.

On Samsung’s Galaxy S5 however, no password is needed to access the device. Even after a reboot, a simple swipe of a finger will unlock the phone. And what could be much more alarming is the fact that, even after a reboot, users don’t need a password to access PayPal and make payments through the app if it has been configured for fingerprint authentication.

(Video)

Samsung, kalian punya PR tuh.