Galaxy S5 Fingerprint Scanner Hacked With Similar iPhone 5S Hack

Galaxy S5 Fingerprint Scanner Hacked With Similar iPhone 5S Hack
webandi / Pixabay

Security researchers from SRLabs in Germany posted a video on YouTube showing how they were able to hack into the Galaxy S5’s fingerprint scanner. They used wood glue to create a mold of a fingerprint which was able to fool the scanner into thinking they had used a real fingerprint.

Play Quizzes 4

How the Galaxy S5 hack works

This is the same method they used to hack the iPhone 5S Touch ID fingerprint scanner, indicating that this technology leaves much to be desired—no matter which company is making the fingerprint scanner. The researchers used a picture of a hidden print on the screen of the Galaxy S5 to make the mold of the fingerprint and were able to even use it when the smartphone was turned off.

Is First Gen An Overlooked Power Play That Deserves A Re-Rating?

environmental 1651092002The post was originally published here. Highlights: Resolving gas supply issues ensures longevity A pioneer in renewable energy should be future proof Undemanding valuation could lead to re-rating Q1 2022 hedge fund letters, conferences and more

In order to photograph the hidden print on the Galaxy S5, researchers used magnesium powder to light them up.

Galaxy S5 fingerprint hack provides open access

What may be most concerning is that the fake fingerprint not only provided access to the owner’s Galaxy S5, but also bank accounts and the user’s PayPal account. By simply swiping the fake fingerprint, they were able to log into the owner’s PayPal account without even having to enter in a password. Once logged into the PayPal app on the Galaxy S5, the hacker was able to do anything he wanted, including make purchases and even withdrawing money and send it to his own bank account.

This does differ than the Touch ID sensor on the iPhone 5S, however, because Apple Inc. (NASDAQ:AAPL) has currently restricted use of the scanner to unlocking the phone rather than using it for payments, although that functionality is believed to be coming, possibly in the iPhone 6 this year.

According to PC World, PayPal wasn’t too concerned about the vulnerability in the fingerprint scanner. The payment services provider said it doesn’t store or even access a user’s fingerprint. Instead, when the print is scanned, it unlocks a “secure cryptographic key” which simply replaces the password. PayPal said it can deactivate that key on a lost or stolen device, enabling users to create a new key.

The problem with fingerprint scanners

While many see the usage of fingerprint scanners as adding another layer of security, a big problem is that people can’t ever change their fingerprints. Once someone steals their prints, they can access anything the person users their print as a password for, whether it’s their Galaxy S5 or anything else. As a result, companies should be focusing on making fingerprints extremely hard to steal.

The vulnerability in the Galaxy S5’s fingerprint scanner probably won’t have much of an impact on sale of the handset, as the average consumer may not even be thinking about this type of thing.

Updated on

Michelle Jones is editor-in-chief for and has been with the site since 2012. Previously, she was a television news producer for eight years. She produced the morning news programs for the NBC affiliates in Evansville, Indiana and Huntsville, Alabama and spent a short time at the CBS affiliate in Huntsville. She has experience as a writer and public relations expert for a wide variety of businesses. Email her at
Previous article Yahoo! Inc. (YHOO) Analysts Split On Alibaba IPO Impact
Next article Ackman Critic John Hempton Admits Bad Call On Herbalife Ltd.

No posts to display