Senator Al Franken Questions Samsung's New Fingerprint Security Feature in Conjunction with PayPal and Beyond
A new report notes that U.S. Sen. Al Franken is raising questions about the security of Samsung's Galaxy S5 smartphone in the wake of reports that its fingerprint scanner has been hacked. Although Apple's Touch ID technology was similarly hacked, Franken noted, Samsung's approach allows for unlimited attempts to access the device without requiring a password and permits the broad use of the fingerprint scanner to access apps. This, he noted could invite abuse by "bad actors."
In a letter to the South Korean electronics giant, the Minnesota Democrat expressed concern about the apparent security vulnerability and Samsung's use of fingerprint technology beyond granting access to the device — such as sending money through PayPal. What was once thought of as a plus for Samsung's fingerprint scanner is now a drawback in light of the security breach.
Franken also asked whether Samsung could assure its users that it would never share their fingerprints with any government, absent the proper legal authority and process, such as a warrant.
Re/code noted that Franken's "goal is to urge companies to deploy this technology in the most secure manner reasonable — and create a public record around how companies are treating sensitive biometric information."
How can anyone argue that point? Then again, we're talking about Samsung here, so we hope their formal response will be made public for all to see. Random PR talk with a website or reporter won't cut it. We should expect a full formal reply that's legally binding. Will Franken make Samsung's response public? Only time will tell.
For the record, Apple doesn't share a user's biometric data with developers and holds their information in a secure enclave. Samsung introduced their fingerprint scanner for the Galaxy S5 in February.