## **Recently, researchers at Tencent Labs and Zhejiang University have discovered a new type of attack targeting the fingerprint authentication system on Android phones.** New attack method is set called BrutePrint, bypasses the user authentication mechanism by repeatedly and repeatedly trying the fingerprint. ## How does BrutePrint attack work? To perform the BrutePrint attack, researchers exploited two zero-day vulnerabilities named Cancel-after-match-fail (CAMF) and Match-after-lock (MAL), which allowed them to bypass existing protections on smartphones, such as a limit on the number of attempts. In addition, the researchers also found that the data on the fingerprint sensor’s Serial Peripheral Interface (SPI) is unprotected, making it vulnerable to attacks. The researchers attempted to unlock the device using databases derived from academic datasets, leaked biometric data, and similar sources. However, it is important to note that the time required for the attack to succeed depends on the number of fingerprints stored. For example, on an Android phone with only one registered fingerprint, the attack could take between 2.9 and 13.9 hours. However, on devices with many registered fingerprints, the attack only takes about 0.66 to 2.78 hours, as the probability of finding a matching fingerprint increases significantly. ## **Which device is vulnerable?** In the report, the researchers claimed that they tested the attack on 10 popular smartphone models and found that all devices Android is all vulnerable. Meanwhile (iOS) devices (https://www.24h.com.vn/ios-c407e4045.html) are much more secure and researchers can only perform fingerprint detection 10 more times on iPhone SE and iPhone 7, rendering the BrutePrint attack ineffective. While this type of attack may not appeal to the average hacker as it requires physical access to the phone, researchers have warned that state-sponsored actors could exploit exploit this technique to access data. Therefore, device manufacturers will need to act quickly and patch these zero-day vulnerabilities as soon as possible.