x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • No joke: Sen. Al Franken wants to know more about the fingerprint scanner on the Samsung Galaxy S5

No joke: Sen. Al Franken wants to know more about the fingerprint scanner on the Samsung Galaxy S5

Posted: , by Alan F.

Tags:

No joke: Sen. Al Franken wants to know more about the fingerprint scanner on the Samsung Galaxy S5
Al Franken might be a Senator from Minnesota, but most of you might remember him from his days as a Saturday Night Live funnyman. Or perhaps the mere mention of his name brings to mind the gorilla trainer role he had in the Eddie Murphy-Dan Akroyd film Trading Places. Now a politician, Franken seems to have a thing about fingerprint scanners. When the Apple iPhone 5s rolled out with Touch ID last September, Franken wanted to hear more from Apple about whether the fingerprints obtained by the iPhone are stored by Apple.

Now, it is Samsung's turn to face the wrath of Franken. In a letter written to the company abut the fingerprint scanner on the Samsung Galaxy S5, the Senator asks a number of questions about where the fingerprint data will be stored, and if third parties will have the opportunity to (pardon the pun) get their hands on this information. Franken also points out the difference between Touch ID and Sammy's biometric feature. While Touch ID allows five failed attempts before a password prompt appears, Samsung's fingerprint scanner allows for unlimited attempts.

Franken also points out that while Touch ID is used to unlock an iPhone and open certain Apple apps, the Galaxy S5 scanner can be used in lieu of a password. That means that a hacker might be able to steal your identity and secure a Pay Pal transfer to his account by using your hijacked fingerprint data.

"Fingerprints are the opposite of secret. You leave them on countless objects that you touch throughout the day: your car door, a glass of water, even the screen of your smartphone. And unlike passwords, fingerprints cannot be changed. If hackers get hold of a digital copy of your fingerprint, they could use it to impersonate you for the rest of your life, particularly as more and more technologies start relying on fingerprint authentication...Initial reports also suggest that the Galaxy S5 may raise security concerns that Touch ID does not. The Galaxy S5 fingerprint scanner reportedly allows for unlimited authentication attempts without a password prompt, whereas Apple's Touch ID requires a password after only five failed attempts. Furthermore, while Touch ID can be used only to unlock a device and to access certain tightly monitored Apple apps, Galaxy S5 appears to allow any app to use the fingerprint scanner instead of a password. This means that you can use the Galaxy S5 fingerprint scanner to send money on PayPal and access your password app; unfortunately, it likely means that bad actors who spoof your fingerprints can do that, too. This broader access to the scanner could potentially allow third parties to access sensitive information generated by the technology."-Senator Al Franken, Minnesota

The Senator wants to know what Samsung's future plans are for the biometric security feature, and wants Samsung to assure that it won't do anything improper with information generated by the fingerprint scanner. If you read through Franken's letter (you can read it in its entirety on Franken's U.S. Senate website) you get the feeling that this is a serious matter for him. Identity fraud is nothing to joke about.

source: U.S.Senate (Al Franken) via AndroidCentral

26 Comments
  • Options
    Close




posted on 13 May 2014, 21:59 4

1. 0xFFFF (Posts: 2096; Member since: 16 Apr 2014)


Because there's always one politician who is tasked with the job of making it look like the government cares.

posted on 14 May 2014, 13:47

23. sgodsell (Posts: 907; Member since: 16 Mar 2013)


That's why OEMS need to include front facing camera's with at least 5-8mp, then you can use your eye for a log in. Nobody leaves their eye around, also it has the added benefit of not changing as much as a finger print. Fingers get dirty, cuts, and scrape's can change the finger print. That's why they build in a margin of error when scanning.
OEMS could even turn up the screen brightness when scanning an eye. So the screen would act as a light.

posted on 14 May 2014, 18:18

25. engineer-1701d (Posts: 420; Member since: 13 Mar 2014)


that and he whats to let people know he is not the same guy from years ago on snl and a few funny movies loved trading places, but still like they care i mean look at the thumb locks for houses and nfc locks just as easy to steel and do same if not more damage.

posted on 13 May 2014, 21:59

2. metalspy101 (Posts: 27; Member since: 15 Dec 2012)


android ftw

posted on 13 May 2014, 22:13 3

3. Sauce (unregistered)


The whole "fingerprints are not secure" BS is a crock of crap. Whoever says/believes that, belongs in Fairfield Hills (look it up). I'm pretty sure if my phone was stolen at a bar, concert, or any public place (or even my own home or work), the thief will not have any knowledge on how to "rip" my fingerprint and use it to get into my phone. It can't be done within 1,5,10,20,30,60,400 minutes. To do this, you need the proper materials (of which most people can't even spell without looking it up). Even then, it isn't guaranteed.

If you think a fingerprint isn't "secure" for unlocking your phone or confirming App Store purchases, then you might as well all remove your pass codes on your phones and computers.

posted on 13 May 2014, 22:20 1

5. 0xFFFF (Posts: 2096; Member since: 16 Apr 2014)


It all depends on who you are and why they want your phone. If it is just some thugs looking for a quick buck, then a fingerprint is fine for this sort of scenario. But if you are someone important and they want the data on your phone, then they will take your finger and your phone, not just your phone.

Personally, I don't think an unchangeable personal identifier should be used for any serious form of security. But for casual matters, it is fine. Just remember, that the fingerprint also ties you uniquely to what is done on your phone -- good, bad, or just plain ugly.

posted on 13 May 2014, 22:40 3

9. Sauce (unregistered)


Well said. I'm sure someone of high value, interest, or security won't be using an S5 or 5S though hehe.

I mean hey, for $30,000, you can hire a hit man on the Deep Web :D

posted on 13 May 2014, 22:17

4. willard12 (Posts: 706; Member since: 04 Jul 2012)


I wasn't aware that Samsung allowed unlimited attempts. I thought you had to enter a full password (not just pin) after a certain number of failed attempts.

posted on 13 May 2014, 22:20

6. 0xFFFF (Posts: 2096; Member since: 16 Apr 2014)


Some companies do "security theatre" better than others.

posted on 13 May 2014, 22:40 5

8. PapaSmurf (Posts: 7429; Member since: 14 May 2012)


It's five failed attempt before you have to enter an alternate password. Idk what the hell this guy is smoking.

http://tinypic.com/r/n9ndk/8

posted on 13 May 2014, 22:42

10. Sauce (unregistered)


Full coverage LTE. Jealous.

posted on 13 May 2014, 22:44

12. PapaSmurf (Posts: 7429; Member since: 14 May 2012)


All over Chicago, especially right next to my house since I live four blocks away from a tower lol.

posted on 13 May 2014, 22:50

13. Sauce (unregistered)


Lucky ass, liven' 4 blocks from a dang tower lol. I pay for LTE and get a steady 2-3 bar connection. Still good, and am grateful for fast speeds, but it tends to slack off a lot around here. (Stamford)

posted on 13 May 2014, 23:02

14. PapaSmurf (Posts: 7429; Member since: 14 May 2012)


You have T-Mo?

BTW, my WiFi speeds with Comcast are ridiculous.

http://tinypic.com/r/1534j06/8

posted on 13 May 2014, 23:32

15. benzb (Posts: 26; Member since: 19 Jan 2012)


After 5 attempts, the S5 will ask you for the alternate password. However, you can press the back key and try your fingerprint again. If it's incorrect, it will ask you again for the alternate password. If you press the back key, you can try your fingerprint again. If it's incorrect, it will ask you for the alternate password. If you press the back key again, you can try your fingerprint.... you can do this unlimited times. Get the picture? The S5 does not "force" you to enter an alternate password.

posted on 14 May 2014, 07:06

19. PapaSmurf (Posts: 7429; Member since: 14 May 2012)


It's partially "unlimited" but not really. Better than having the phone lock for minutes or even hours after so many failed attempts.

posted on 14 May 2014, 08:07

20. j2001m (Posts: 16; Member since: 28 Apr 2014)


its just been updated in the uk and you now got give it 30sec before you can try again and you only get 20 goes before the password is needed

posted on 13 May 2014, 22:20 2

7. thecellphnman (Posts: 10; Member since: 17 Mar 2010)


I understand why he is asking about the scanners. I really do and appreciate it. However, this guy is a joke and I am embarrassed to say he represents my state. Just awful!

posted on 13 May 2014, 22:43 3

11. PapaSmurf (Posts: 7429; Member since: 14 May 2012)


This guy is a complete joke and doesn't know what he's talking about. The S5 requires you to type in the alternate password after five failed attempts. (Comment #8)

Misleading information like this makes me question one's knowledge on technology.

posted on 13 May 2014, 23:33

16. benzb (Posts: 26; Member since: 19 Jan 2012)


Look at my comment (#15)

posted on 13 May 2014, 23:34 1

17. cheeseycheeser (Posts: 374; Member since: 24 Mar 2011)


Why do I even care about some company/hacker potentially getting my fingerprint. It's not any different than a password (except you only have 10 options) and it's not like anyone ACTUALLY cares about me (or you). We are not important enough for some hacker to go through the trouble with fingerprints. This whole argument is basically an ego trip for 99% of people.

posted on 14 May 2014, 03:04

18. rallyguy (Posts: 524; Member since: 13 Mar 2012)


NSA has already stolen it. More of a chance it leaking from them, then getting stolen from your phone.

posted on 14 May 2014, 08:16

21. InspectorGadget80 (Posts: 6144; Member since: 26 Mar 2011)


He should also know more bout the iph5s finger sensor not just samsung

posted on 14 May 2014, 10:03

22. Ninetysix (Posts: 1378; Member since: 08 Oct 2012)


RTFA eh?

posted on 14 May 2014, 13:47

24. Immolate (Posts: 270; Member since: 17 Jun 2011)


Al Franken... when electing Jesse Ventura as Governor doesn't get the point across.

posted on 15 May 2014, 03:16

26. Elfmonster (Posts: 37; Member since: 23 Dec 2013)


1. Thief runs off with your phone.
2. Thief uses simple tape to pull your fingerprint off the phone button itself or off the screen.
3. Thief transfers your imprint for thumb pressing the button.
If you don't understand this, go watch some old episodes of Burn Notice.

Want to comment? Please login or register.

Latest stories