Experts from Security Company ‘FireEye’ states that a flaw in Android makes it possible to steal the personal information so it can be used elsewhere.
Android phones store their personal information such as fingerprint information in a walled-of area of memory known as the Trusted Zone. During research they found out that hackers didn’t need deep access to the phone , instead they just need to get their hands on the gadgets memory, which could reveal finger scan data.
Using this information an attacker could make a fake lock screen that makes victims believe they are swiping to unlock a phone when they are actually authorizing a payment. In addition, the found that it was possible for the hackers to upload their own fingerprints because such devices don’t keep a good record of how many finger prints were being used on each device.
Samsung says that they take security very seriously and are currently investigating the researchers findings. Other Android phones that also use finger-print ID systems could also be vulnerable in the future.