All geek questions in one place

Fingerprint Source

Does the finger sensor touch interface provide direct access to the raw fingerprint data, that is, the actual pattern on the finger? I do not mean the saved secure fingerprint, which is used to unlock the device and make payments, but simply to receive raw data on demand when scanning a finger. If not, why not?

+4
source share
1 answer

The Android API does not allow direct access to raw fingerprint data. The fingerprint data will not leave TEE (Trusted Execution Environment).

The following snippet of text is included in Google CCD (compatibility document)

https://source.android.com/security/authentication/fingerprint-hal

Thus, raw images and processed fingerprint functions should not be transmitted in insecure memory. All such biometric data must be protected in sensor equipment or in trusted memory. (Memory inside TEE is considered trusted memory; memory outside TEE is unreliable.)

However, there is another solution: do not use a fingerprint scanner, but a camera.

0
source

Source: https://habr.com/ru/post/1621790/

More articles:


All Articles