Abstract
Currently, many smartphones are adopting fingerprint verification as a method to authenticate their users. Because fingerprint verification is not only used to unlock these smartphones but also used in financial applications such as online payment, it is crucial to secure the fingerprint verification mechanism for reliable services. In this paper, we identify a few vulnerabilities in one of the currently deployed smartphones equipped with fingerprint verification service by analyzing the service application. We demonstrate actual attacks via a proof-of-concept code that exploits these vulnerabilities. By these attacks, an attacker can extract fingerprint features by decoding a file containing them in encrypted form. We also suggest a few possible countermeasures against these attacks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
