[ad_1]
Google has added a small safeguard to the biometric authentication system in the Android operating system. When an app on an Android device requires the user to scan a fingerprint or face (for example, a banking app asks the user to log in), a small icon depicting the app appears to make it clear to the user which app it is. Shown below. Requesting authentication.
Presumably, this is intended to protect against potential malware that fraudulently asks users to authenticate to access their online accounts. When a rogue app attempts to authenticate using biometrics, users can easily identify it by displaying the suspicious app’s icon instead of the legitimate app icon they were planning to use.
Although the Android platform has robust security measures in place, such as sandboxing an app to prevent it from accessing another app’s data without the user’s explicit permission, it is completely safe from security threats. No system is unaffected. The risk of such spoofing attacks on smartphones is generally considered low, especially due to continuous security improvements and updates by platform providers such as Google. However, it is possible that this could be due to particularly sophisticated malware or the exploitation of system vulnerabilities.
This feature is currently live in beta preview of Android 14 QPR3, or “Android 14 Quarterly Platform Release 3.” This is his third beta release of the upcoming Android 14 operating system and was released on February 8, 2024.
In recent years, Google has significantly strengthened biometric security on the Android platform, demonstrating a strong commitment to enhancing user privacy and security. The introduction of the BiometricPrompt API was a pivotal moment, providing a unified and secure interface for all forms of biometric authentication across Android devices.
Additionally, Google’s implementation of hardware-assisted security features, such as the Titan M security chip in Pixel devices, further strengthens the integrity of biometric data. The chip ensures that sensitive operations, including biometrics, are performed in a secure and isolated environment, significantly reducing the risk of unauthorized access.
Most recently, Google has promoted the use of Passkey, which replaces passwords with biometric or PIN-based two-factor authentication on users’ smartphones.
Source: 9to5Google
–
February 9, 2024 – By Mobile ID World Editorial Team
[ad_2]
Source link
