Tag: fingerprint

Apple iPhone 7 May Not have a Home Button

The iPhone 7 to be launched this year is expected to bring about a significant design change for the Cupertino-based technology giant. With Apple revising the design of the iPhone with each new number, the iPhone 7 is expected to improve its looks drastically in comparison to the iPhone 6s.

Adding to the rumors of the new all glass design is the recent announcement by LG. The company announced that they have developed a new display technology which will allow manufacturers of smartphones to place a fingerprint scanner right on the display glass.

It is not new information that LG is one of the biggest display providers to Apple, and with the next iPhone due in September 2016, LG’s announcement comes right on time. The new display by LG allows the user to scan their finger anywhere on the glass of the screen, making the need for a button or a panel to scan the fingerprint redundant. LG said its new module has a false acceptance rate (FAR) of 0.002 percent. Because the module is sealed under a layer of glass, it remains protected from splashes and scratches.

Back in June 2015 reports pointed to Apple working on an integrated fingerprint scanner display :

Apple is internally developing touch and display driver integration (TDDI) single-chip solutions for its iPhones, according to sources in Taiwan’s IC design industry.

The TDDI single-chip solutions will also come with integrated fingerprint sensors, said the sources. The integrated design would fit into future iPhone designs – models with ultra-thin and ultra-narrow displays, and with a whole plane design eliminating the Home button.

In fact, Apple also has a patent for the same.

Other reports point to a flush home button made of liquid metal, which would be recessed when pressed but would return to original shape after recovery.

LG’s solution, which is 0.3mm thick, is inserted on the lower backside of a smartphone’s cover glass. LG has also designed its own adhesive to allow this module to be stuck to the glass of the smartphone.

With 3D touch, the need for the home button may also be directly replaced by making the screen 3D touch capable. With LG’s new fingerprint technology, and Apple’s 3D Touch released with the iPhone 6s combined with rumors of a seamless glass design, it is highly likely that Apple may drop the home button on the iPhone 7.

Via

May 4, 2016
Research : Almost All Fingerprint Sensors on Android Mobiles Can Be Hacked

New reports suggest that our fingerprints are not as unique and safe for security, as we might have otherwise believed. This makes almost all Android smartphones in the future susceptible to getting hacked. Studies by FireEye researchers Tao Wei and Yulong Zhang have outlined new ways to attack an Android device to extract the user’s fingerprint.

As of now, this threat is said to be confined to Android devices like Samsung, Huawei and HTC devices. The research shows four outlines for these hacks, and one them called the “fingerprint sensor spying attack”, is said to be able to “remotely harvest fingerprints on a large scale,” says Zhang.

Reports suggest that the two devices that have been hacked are – the HTC One Max and Samsung’s Galaxy S5. This happens because the device doesn’t fully lock down the sensor, allowing the hacker to acquire a fingerprint image.

“In this attack, victims’ fingerprint data directly fall into attacker’s hand. For the rest of the victim’s life, the attacker can keep using the fingerprint data to do other malicious things,” Zhang said.

As we know before fingerprint technology was used for mobile payments and unlocking devices, it had been previously used for identity, immigration, and for criminal records. However, researchers have not mentioned which device is more secure than the other, although they have mentioned that the iPhone is “quite secure” as it is encrypted by a fingerprint data from the scanner. So, “even if the attacker can directly read the sensor, without obtaining the crypto key, [the attacker] still cannot get the fingerprint image,” he said.

Research also says that this hack is susceptible to high-end laptop users with fingerprint sensors and advice users to use devices that are regularly updated and install apps only from reliable sources.

Source:[tw-button size=”medium” background=”#07ABE2″ color=”” target=”_blank” link=”http://www.zdnet.com/article/hackers-can-remotely-steal-fingerprints-from-android-phones/”] Zdnet[/tw-button]

August 7, 2015
Apple Details iPhone 5s Touch ID Scanner

Apple has updated its iOS Security document to include intricate, detailed information pertaining to the Touch ID sensor that is found on the iPhone 5s.

Apple reiterates that Touch ID and its Secure Enclave store only data from scanned fingerprints, rather than actual images. Using a secure boot process, the Enclave – a coprocessor inside of Apple’s A7 processor – verifies and signs information independently of other iOS hardware and software.

All Secure Enclaves can function independently even if a kernel is compromised and each one contains a unique ID inaccessible to other parts of the system and unknown to Apple, preventing the company or any other third parties from accessing data contained within.

“Each Secure Enclave is provisioned during fabrication with its own UID (Unique ID) that is not accessible to other parts of the system and is not known to Apple. When the device starts up, an ephemeral key is created, tangled with its UID, and used to encrypt the Secure Enclave’s portion of the device’s memory space,” the document said.

“Additionally, data that is saved to the file system by the Secure Enclave is encrypted with a key tangled with the UID and an anti-replay counter.”

And while the A7 processor deals with data from Touch ID, this information is encrypted by the scanner, making it unreadable to the rest of the phone. Only Secure Enclave can authenticate the data.

“It’s encrypted and authenticated with a session key that is negotiated using the device’s shared key that is built into the Touch ID sensor and the Secure Enclave,” the document reads. “The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption.”

Apple has also spelt out that it has strict no-third party app rule when it comes to TouchID data. “Touch ID authentication and the data associated with the enrolled fingerprints are not available to other apps or third parties,” reads the document.

February 27, 2014
Chaos Computer Club Breaks Apple’s TouchID

The biometrics hacking team of the Chaos Computer Club has successfully bypassed the biometric security of Apple’s TouchID by using everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID.

Apple launched its new iPhone 5s with a fingerprint sensor, which was supposedly much more secure than previous fingerprint technologies.

In reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake”, said the hacker with the nickname Starbug, who performed the critical experiments that led to the successful circumvention of the fingerprint locking. “As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”

The process, requires a 2400 DPI photograph of someone’s fingerprint from a glass surface, which is then laser printed at 1200 DPI and used to create a thin latex sheet that serves as the fake print. You can watch the video below:

[youtube id=”HM8b8d8kSNQ” width=”100%” height=”300px”]

However, most iPhone 5s users may want to consider fingerprint access as an option for convenience rather than security.

September 23, 2013