A group of hackers stole biometric authentication algorithms from Samsung and leaked them, among about 200 GB of compressed source code for data from its stolen mobile devices, according to Tom’s Hardware.
The group claiming the hack, known as “Lapsus$”, was also behind an Nvidia hack in late February and claims to have been able to exfiltrate the Knox authentication code, loader code bootable for all Samsung recently released mobile devices, Trusted Applet source code and code for Samsung services and accounts, in addition to biometrics software. The biometric unlock code includes the code that communicates directly with the sensor, according to posts shared on Twitter.
Tom’s Hardware notes that one in five smartphones sold worldwide is a Samsung Galaxy device.
Hackers are sharing Samsung code in three installments on BitTorrent, after allegedly delaying a threat to leak Nvidia code due to a potential buyer.
Samsung has confirmed the hack is true, but says no personal data was stolen.
At least the biometric ultrasonic fingerprint sensor works well
The launch of the new Samsung Galaxy S22 last month was overshadowed by the breach, but early reviews like the one published by Chrome Unboxed suggest the flagship smartphone’s in-display ultrasonic fingerprint sensor is a hit.
Robby Payne, a self-confessed Pixel enthusiast and reviewer, says the fingerprint sensor performance far exceeds that of the Pixel 6, which has an optical biometric sensor.
Qualcomm’s ultrasonic fingerprint sensors were originally built into the Samsung Galaxy S10 series, but the company considered removing the technology following poor reviews. Since then, Qualcomm has partnered with Precise Biometrics to upgrade the biometric software of its sensors.
Chrome Unboxed notes that the in-screen ultrasonic and optical fingerprint sensors proved to be relatively slow and inaccurate by 2019 standards, but both technologies seem to have advanced considerably and most Android smartphones today are now equipped with optical fingerprint sensors. The new generation of the Samsung Galaxy S22 is the fourth built by the tech giant, and the review compares its performance to surface-mounted capacitive biometric sensors. A simple short press with the new ultrasonic sensor is still enough to capture the user’s fingerprint biometrics and unlock the device, Payne writes.
algorithms | authentication | biometric software | biometrics | fingerprint sensors | hacking | Samsung | smart phones