Skip to main content

Single step authentication on Galaxy S5 leaves PayPal accounts open to abuse say German researchers.

posted onApril 17, 2014
by l33tdawg

PayPal was left fighting a rear-guard action last night after it emerged the fingerprint scanner seen on the Samsung Galaxy 5 smartphone can easily be bypassed.

Germany's Security Research Labs says the spoofing system allows access to a user's PayPal account, which is an important issue since a key feature of the scanner is one-step access to the PayPal money payment system - effectively replacing the user's ID and password with a fingerprint swipe.

Researchers from SRL seem to employ a classic James Bond-style technique to fool the fingerprint scanner, photographing a fingerprint on a smartphone screen - ironically using an iPhone - and then developing an etched PCB image. From there, they create a mould of the fingerprint, swiping it across the sensor and fooling it into thinking it was the real thing.

Source

Tags

PayPal Samsung Hardware Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th