Just like the iPhone 5S, the Galaxy S5 also comes with a fingerprint scanner integrated into the home button. The use of a fingerprint scanner allows OEMs and users to make their device more secure without requiring them to remember any complex PIN or password. However, as it turns out, the Galaxy S5 fingerprint scanner can be easily hacked in the same way the iPhone’s Touch ID sensor was hacked, six months ago.
The hack was conduced by the folks over at Security Research Labs, who used a “wood glue spoof” made from a PCB mold. The team used a fingerprint from the touchscreen of a mobile device and captured it using a mobile camera. On the iPhone 5S, Touch ID only allows users to unlock and confirm App Store purchases, but on the S5, users can confirm and make payments via the pre-loaded PayPal application using the fingerprint sensor. This poses a greater risk than that of iPhone owners.
Also, unlike iOS, Samsung does not require users to enter a PIN after multiple failed attempts at unlocking the phone via a fingerprint scanner, which again puts them at a higher risk. In response to this hack, PayPal issued the following statement: While the fingerprint hack above may seem very over-the-top and impractical to many, it is very well possible in the corporate environment where hackers can cause damages worth millions of dollars to companies by hacking their way through the fingerprint scanner.
