Android phones have adopted an on-screen fingerprint sensor quite a while back, while Apple continues to rely on Face ID technology for biometric security. A recent development might sound scary to most of you using an Android, especially because the phone’s lock screen is easy to bypass, especially because of this security issue that was discovered recently.
The issue was reported by David Schutz who has given a detailed background of the problem, how he unlocked a phone using the lock screen and how it affects the users. He claims that to make use of this vulnerability, all the person needs is a phone that has been compromised, and an extra SIM card that has been locked with the PIN.
The user just needs to slot in the extra SIM and feed the incorrect code three times. After that you enter the PUK code which is available on the SIM card, and using this process, the lock screen option goes away, he claims. He has even made a video to show this problem:
Now, this is a big risk that can be exploited by hackers. Most of the issue seems to be limited to the Pixel phones and Schutz says Samsung devices seem unaffected by the vulnerability.
Thankfully, Google seems to have understood the problem and released a software fix to shore things up at its end. But the gravity of the loophole suggests Android phones with an on-screen lock screen run the risk of mishaps. We expect other Android phone makers to also release a fix for this supposed issue if they deem it risky in their software process.
David reported this issue to Google as a part of the Bug Bounty Program, under which he was rewarded $70,000 (Rs 5,60,000 approx) for his efforts. Having said that, Schutz had to wait for a few months before Google acknowledged the problem and released a fix, after which he was rewarded for the report.
Read all the Latest Tech News here