Navigation Links
HYPR Corp. Addresses Android Vulnerability That Exposes Ecosystem-wide Biometric Security Challenges
Date:8/12/2015

NEW YORK, Aug. 12, 2015 /PRNewswire/ -- New research unveiled at Black Hat 2015 outlines how hackers can attack Android phones to steal users' fingerprints. Information released today by HYPR Corp. identifies the increasing availability of fingerprint scanners on mobile devices, making the security of this data of utmost concern. To secure biometrics on mobile devices, HYPR Corp. recently released a biometric tokenization platform to augment these convenient authentication systems with strong cryptographic security. More information on this biometric authentication platform is available from HYPR (https://www.hypr.com/biometric-authentication/).

Security concerns identified at HYPR Corp., and findings from the research1 revealed at Black Hat, include:

  • A recent report from Market Research estimated that by 2019, more than half of smartphones will include a fingerprint sensor.
  • Most device manufacturers fail to use available protection to safeguard users' most sensitive biometric data in the Android Trust Zone, an environment that is safely isolated from the operating system.
  • Hackers have found a means to steal victims' fingerprint data due to fingerprints being stored as an image file in an open, world readable, folder.

In order to ensure biometric security, HYPR Corp. advises:

  • Leveraging biometric tokenization to enable the safe transmission of a fingerprint image, or template, to the cloud using trusted public key cryptography.
  • Storing fingerprints as a mathematical representation in a trusted environment, a location separate from a device's operating system.
    • As of late, key players, such as biometric sensor suppliers and mobile device manufacturers, have been behind this approach.
  • Deploying secure processors that are specifically designed for the storage of sensitive data, such as biometrics.

By utilizing state of the art biometric encryption protocols, relying parties can validate signatures in various ways while meeting these four guiding principles of biometric tokenization:

  • No third party should be allowed to centralize storage of biometric credentials.
  • Biometric data should remain isolated from the operating system on a user's device.
  • End users should have full control in choosing what biometric authenticators they will utilize.
  • Relying parties should be able to choose between bring-your-own-device (BYOD) or specialized hardware tokens for authentication in a device agnostic manner.

HYPR Corp. has introduced its biometric tokenization platform to address security with a focus on the financial, government and healthcare sectors. A video overview and demonstration of the HYPR SDK is available here: https://youtu.be/gFJj0-Rag-I

George Avetisov, CEO of HYPR Corp. said:
"Biometric authentication provides a much-needed solution to the problem of insecure passwords, but it is not a panacea. As we have seen, when executed poorly, biometric authentication can put sensitive data at risk. That is why enterprises must ensure they have implemented a robust, multifaceted security solution that ensures biometric signatures and user data is stored safely and isn't transmitted across the Internet. This is where biometric tokenization comes into play."

About HYPR
HYPR is a sector agnostic platform enabling secure biometric authentication. From software developers to enterprises and device manufacturers, we're replacing the use of passwords with advanced biometric cryptography. As an end-to-end solution, HYPR is the fundamental framework for securing the Internet-of-Things. Additional information is available at: https://www.hypr.com/

1 YuLong Zhang, Zhaofeng Chen, Hui Xue and Tao Wei, "Fingerprints on Mobile Devices: Abusing and Leaking," FireEye Labs, August 2015. https://www.blackhat.com/docs/us-15/materials/us-15-Zhang-Fingerprints-On-Mobile-Devices-Abusing-And-Leaking-wp.pdf

PR Contact:
Jessica M. Pasko
Nadel Phelan, Inc.
+1 831-440-2412
jessica@nadelphelan.com

Logo - http://photos.prnewswire.com/prnh/20150409/197571LOGO

 


'/>"/>
SOURCE HYPR Corp.
Copyright©2015 PR Newswire.
All rights reserved

Related biology news :

1. HYPR Corp. Launches Industry First Biometric Tokenization Platform
2. HYPR Corp. Expands Biometric Authentication Team with Enterprise All Stars
3. Government Ready Biometric Security Approaching as HYPR Corp. Files FIPS 140-2 Level 3 Validation for Its Proprietary Biometric Token
4. HYPR Corp. Biometric Security Integration Kit Shields Applications and Devices Across the Internet of Things
5. HYPR Corp. Joins the FIDO Alliance
6. Pitt Engineering develops strategic alliance with Lubrizol Corp.
7. Vapor Corp. Unveils E-Cigarette Industrys First Biometric Technology
8. Digital Wallet Choices; PayPal, Google Wallet, Apple Passbook - and Now Wocket Smart Wallet : Who Addresses Issues of Security?
9. New book addresses consequences of drought in arid regions
10. Zynx Health Adds Android Device Support to ZynxCarebook Solution
11. DigitalPersona Announces U.are.U Software Development Kit (SDK) for Android Applications
Post Your Comments:
*Name:
*Comment:
*Email:
(Date:4/13/2017)... According to a new market research report "Consumer IAM Market ... Authorization), Service, Authentication Type, Deployment Mode, Vertical, and Region - Global Forecast ... from USD 14.30 Billion in 2017 to USD 31.75 Billion by 2022, ... ... MarketsandMarkets Logo ...
(Date:4/11/2017)... NXT-ID, Inc. (NASDAQ:   NXTD ) ("NXT-ID" or ... independent Directors Mr. Robin D. Richards and Mr. ... the company,s corporate governance and expertise. ... Gino Pereira , Chief Executive Officer said," ... and benefiting from their considerable expertise as we move forward ...
(Date:4/5/2017)... April 4, 2017 KEY FINDINGS ... expand at a CAGR of 25.76% during the forecast ... the primary factor for the growth of the stem ... https://www.reportbuyer.com/product/4807905/ MARKET INSIGHTS The global stem cell ... application, and geography. The stem cell market of the ...
Breaking Biology News(10 mins):
(Date:10/11/2017)... ... October 11, 2017 , ... Personal eye wash is a basic first aid supply for ... time. So which eye do you rinse first if a dangerous substance enters both eyes? ... Eye Wash with its unique dual eye piece. , “Whether its dirt and debris, ...
(Date:10/11/2017)... the Netherlands and LAGUNA HILLS, Calif. ... The Institute of Cancer Research, London ... use MMprofilerâ„¢ with SKY92, SkylineDx,s prognostic tool to risk-stratify patients ... trial known as MUK nine . The University of ... trial, which is partly funded by Myeloma UK, and ICR ...
(Date:10/10/2017)... (PRWEB) , ... October 10, 2017 , ... San Diego-based ... of its corporate rebranding initiative announced today. The bold new look is part ... as the company moves into a significant growth period. , It will also expand ...
(Date:10/10/2017)... -- International research firm Parks Associates announced today that ... TMA 2017 Annual Meeting , October 11 in Scottsdale, Arizona ... market and how smart safety and security products impact the competitive landscape. ... Parks Associates: Smart Home Devices: Main Purchase ... "The residential security market has experienced continued growth, ...
Breaking Biology Technology: