Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Fingerprint-Jacking - Practical Fingerprint Authorization Hijacking in Android Apps

Black Hat via YouTube

Overview

Explore the security vulnerabilities of fingerprint authorization in Android apps through this 34-minute Black Hat conference talk. Delve into the concept of "Fingerprint-Jacking" and learn about practical hijacking techniques. Understand the basics of clickjacking and its application to fingerprint scanners. Discover implementation flaws in many Android apps and examine various bypass methods, including the Translucent Attack and Wrist Attack. Analyze the conditions for successful attacks and explore potential mitigation strategies. Gain insights into the security-critical nature of fingerprint scanners in mobile devices and the importance of thorough security analysis. Watch demonstrations of the discussed techniques and learn about suggested countermeasures to protect against fingerprint authorization hijacking.

Syllabus

Introduction
Demo
What is Clickjacking
What we want
What developers can use
Older Android versions
Translucent Attack
How many apps have implementation flaw
Finding the Bypass
First Bypass
Second Bypass
Third Bypass
Wrist Attack
Mitigation
Conditions
Carbon Gadgets
Attack Table
Suggestions
Demonstration

Taught by

Black Hat

Reviews

Start your review of Fingerprint-Jacking - Practical Fingerprint Authorization Hijacking in Android Apps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.