This didn't take long........ Samsung Galaxy S5 Fingerprint Scanner Hacked

Eric Ruiz1

Active member
Apr 14, 2014
38
0
0
Visit site
I wouldn't worry about it too much. Unless someone is desperately set out to get your phone, nobody is gonna replicate your print

Posted via Android Central App
 

ZiggSVO

Well-known member
Jun 7, 2010
396
52
0
Visit site
It wasn't hacked....
They used a lifted print to unlock your phone...lol
If they go through that much trouble to lift and replicate your print...I doubt they are after your phone...
That report was stupid.. of course using a fingerprint of the finger used to unlock a phone would work...

Disclaimer: I didn't read full article. Didn't want to lose brain cells ;)

Posted via Android Central App
 

msavic6

Well-known member
Jul 8, 2011
714
0
0
Visit site
You can't be seriously worried about this. Someone has to take an extremely high resolution image of your fingerprint and then re create it out of wood glue. The chances of this happening to you is zero to none.

If a person will go to these lengths to try to get into my phone, I will personally reward them by unlocking it myself and giving it to them.
Sent from my Galaxy Nexus using Tapatalk
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
They should have put the requirement of a password after so long. This is an extra security step on TouchID.


Sent from my iPhone using Tapatalk
 

msavic6

Well-known member
Jul 8, 2011
714
0
0
Visit site
They should have put the requirement of a password after so long. This is an extra security step on TouchID.


Sent from my iPhone using Tapatalk

There is a password after 5 failed attempts on the lockscreen. The place that is lacking a paid is in the PayPal app which gives you unlimited attempts.

Sent from my SGH-I337M using Tapatalk
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
Long story short, it didn't really get hacked.. OP is just trying to justify his iPhone.

Posted via Android Central App

Long story short, it can be gotten into, just like an iPhone. The difference is that after a certain period of time, you still have to enter a password on the iPhone, whereas not on the S5. Apple does seem to have a better system.
BTW, I don't need to justify my iPhone, as it serves my needs best at this point in time.
 

Citizen Coyote

Well-known member
Jul 9, 2011
1,378
9
0
Visit site
People complained about the same thing when the iPhone 5S came out. Both phones can be fooled with a fake fingerprint (and in the S5's case, it was based off a cellphone photo of a fingerprint on the screen, so not exactly hi res). Personally I would not trust financial information to a fingerprint scanner like this on either phone. Use it as a convenient way to unlock the device and as a replacement for a PIN/code, but don't believe the security is any better than what's available on other phones.
 

Cobravision

Well-known member
Jul 18, 2010
1,271
40
48
Visit site
All I leave on my screen are partials because that's how I use my phone. Who leaves nice, pristine, full prints on their screen? This is silly.
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
People complained about the same thing when the iPhone 5S came out. Both phones can be fooled with a fake fingerprint (and in the S5's case, it was based off a cellphone photo of a fingerprint on the screen, so not exactly hi res). Personally I would not trust financial information to a fingerprint scanner like this on either phone. Use it as a convenient way to unlock the device and as a replacement for a PIN/code, but don't believe the security is any better than what's available on other phones.

Agreed. Maybe that is why Apple restricts their TouchID. This is a copy and paste from a current iMore article:

"Samsung allows third parties to hook into their fingerprint authenticator. So, as shown in the video, they can get to Paypal and your money. Apple currently restricts Touch ID to only your Apple account. So, worst case, if Touch ID is spoofed, all an attacker can really do is buy stuff off iTunes or the App Store, much of which would be locked to your account. That's much less of an incentive to spoof prints."
 

Sliver22

Member
Apr 11, 2014
20
0
0
Visit site
Long story short, it can be gotten into, just like an iPhone. The difference is that after a certain period of time, you still have to enter a password on the iPhone, whereas not on the S5. Apple does seem to have a better system.
BTW, I don't need to justify my iPhone, as it serves my needs best at this point in time.

Well considering you are commenting on multiple posts battling the s5 and promoting your 5s on an Android forum... It kinda seems like you are trying to justify it.

Posted via Android Central App
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
Well considering you are commenting on multiple posts battling the s5 and promoting your 5s on an Android forum... It kinda seems like you are trying to justify it.

Posted via Android Central App

Nope, just pointing out that Apple has better security on their TouchID.
 

Almeuit

Moderator Team Leader
Moderator
Apr 17, 2012
32,278
23
0
Visit site
Long story short, it can be gotten into, just like an iPhone. The difference is that after a certain period of time, you still have to enter a password on the iPhone, whereas not on the S5. Apple does seem to have a better system.
BTW, I don't need to justify my iPhone, as it serves my needs best at this point in time.

Nope, just pointing out that Apple has better security on their TouchID.

I thought someone said it does do this on the S5 for when you unlock the phone.. Just like when unlocking the iPhone..

It doesn't have it with the PayPal part. That is where it won't do the password prompt but it should.

Sent from my T-Mobile Note 3 using AC Forums.
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
I thought someone said it does do this on the S5 for when you unlock the phone.. Just like when unlocking the iPhone..

It doesn't have it with the PayPal part. That is where it won't do the password prompt but it should.

Sent from my T-Mobile Note 3 using AC Forums.

I don't know firsthand, but that isn't what I'm reading. I hope that it is like the iPhone, for the sake of security. More copy and paste:

Firstly, Samsung apparently allows unlimited attacks on their fingerprint sensor. You can try fingerprint after fingerprint and it will happily let you. Apple's Touch ID limits you to 5 unsuccessful attempts, then demands a passcode or password. If someone makes a perfect spoof immediately, that won't matter. If not, or if it doesn't register properly the first few times, it could help.

Secondly, Samsung allows fingerprint authentication even after the Galaxy S5 has been rebooted or simply powered back on or re-charged. Apple's Touch ID requires passcode or password re-entry under those conditions.
 

AnnieVan

Member
Jan 9, 2013
12
0
0
Visit site
I just tried it on my GS5. After 5 attempts, it locked me out and asked for a password. I tried turning my phone off and then on again to bypass, but it asked me for the password. BTW, the backup password has to contain letters and numbers, it won't allow a numerical PIN as the backup.

Posted via Android Central App
 

pappy53

Banned
Dec 23, 2009
1,616
27
0
Visit site
I just tried it on my GS5. After 5 attempts, it locked me out and asked for a password. I tried turning my phone off and then on again to bypass, but it asked me for the password. BTW, the backup password has to contain letters and numbers, it won't allow a numerical PIN as the backup.

Posted via Android Central App

That is good to know. Thanks!
 

tech_head

Q&A Team
Aug 25, 2010
783
15
0
Visit site
Spoofing not "hacking" fingerprint scanners is nothing new.
You see it in movies all the time.......
It's a crude spoof. Fingerprint scanners are crude.
Now if they also looked at the blood vessels in the finger......
 

Almeuit

Moderator Team Leader
Moderator
Apr 17, 2012
32,278
23
0
Visit site
I don't know firsthand, but that isn't what I'm reading. I hope that it is like the iPhone, for the sake of security. More copy and paste:

Firstly, Samsung apparently allows unlimited attacks on their fingerprint sensor. You can try fingerprint after fingerprint and it will happily let you. Apple's Touch ID limits you to 5 unsuccessful attempts, then demands a passcode or password. If someone makes a perfect spoof immediately, that won't matter. If not, or if it doesn't register properly the first few times, it could help.

Secondly, Samsung allows fingerprint authentication even after the Galaxy S5 has been rebooted or simply powered back on or re-charged. Apple's Touch ID requires passcode or password re-entry under those conditions.

I just tried it on my GS5. After 5 attempts, it locked me out and asked for a password. I tried turning my phone off and then on again to bypass, but it asked me for the password. BTW, the backup password has to contain letters and numbers, it won't allow a numerical PIN as the backup.

Posted via Android Central App

At least it's confirmed now it's like apples touch ID. The only fail part is the PayPal section not adhering to this same restriction.

Sent from my T-Mobile Note 3 using AC Forums.