Fingerprint scanners have become one of the most popular new features within smartphones, but security experts warn that a lack of security within certain devices could lead to consumers losing financial and personal details.
During a presentation at the Black Hat USA conference in Las Vegas, Yulong Zhang, a researcher for smartphone security firm FireEye, expressed his concerns towards fingerprint scanners being used on mobile devices.
‘‘If you leak a password, you can just change it; if you leak a fingerprint, it’s lost for your whole life,’’ stated Zhang.
Zhang released a specific biometrics report entitled ‘‘Fingerprints On Mobile Devices: Abusing and Leaking’’ during the Black Hat conference, which brought to light a number of Android devices that contain potential security concerns.
According to the report, 50 per cent of all smartphones will contain a fingerprint sensor by 2019. In today’s world, a number of devices, including HTC’s One Max device, could be breached by an intruder.
The report found that the One Max saved fingerprints without encryption, making it easy for a hacker to steal the biometric information. The Samsung S5 smartphone also contained a similar flaw, leaving users’ fingerprints and their financial details vulnerable to theft.
Zhang made a number of suggestions to Android developers in his report, stating that ‘‘mobile device vendors should improve the security of the fingerprint auth framework with improved recognition algorithm against fake fingerprint attacks, and better protection of both fingerprint data and the scanning sensor.’’
Payment Eye recently spoke to Russel King, founder and CEO of Paycasso. King spoke about the challenges facing the technology in terms of dealing with the rise of identity fraud as well as the best practice of storing vast amounts of biometric information.
Mastercard is working with Stripe to expedite the payment process for American sellers on the latter's marketplaces using the instant payouts feature from Stripe.
Lloyds has launched biometric finger print authentication for mobile banking.
Barclaycard has partnered with Case Station, a company that makes personalised phone cases, to embed contactless technology in the latter's smartphone cases.
Digital challenger bank, N26, which has been live for one and a half years and has more than 200,000 customers, rolled out a new feature that allows its customers to transfer money using Siri. All they have to do is talk to it.