Unencrypted fingerprint data found on HTC smartphones

      Comments Off on Unencrypted fingerprint data found on HTC smartphones

Unencrypted fingerprint data found on HTC smartphonesSecurity experts have discovered a route to unencrypted fingerprint data stored on HTC smartphones.

It is an increasing trend for smartphone users to be asked to unlock their handsets with fingerprint data as well as to perform other functions on the phone, such as authorising purchases. But security experts have demonstrated that they were able to decode the HTC smartphone file that stored this unique and highly sensitive data. HTC has not commented officially but it would appear that the flaw has now been rectified.

Security experts have challenged the viability of using fingerprint data for some time now because, if that data is accessed and copied, this clearly cannot be changed by the user. It would imply that storing such sensitive data in the most secure format is a no-brainer, making the lack of encryption is startling. Further criticism has been leveled against HTC because standard security tests should have revealed the flaw before the device was released onto the market.

See the full story on bbc.co.uk

Share