I’ve recently had a similar thought. However after looking into it, I’m not sure whether this is feasible anymore.
[Android Compatability Definition (pdf, p 48)] lists a requirement which might be hard to meet with an aftermarket fingerprint sensor in the back cover:
MUST have a hardware-backed keystore implementation, and perform the fingerprint matching in a Trusted Execution Environment (TEE) or on a chip with a secure channel to the TEE.
I’m not an expert though and might be completely wrong about this: Maybe it is possible.
By definition the back cover is separate from inside parts, so I don’t think a “secure channel to the TEE” may be feasible.
Furthermore I wouldn’t trust any “biometric access granting” app if it could accept data from a plugged-in module, because otherwise it would very easy to tamper it and let it believe the data is yours.
And…I have to admit…I don’t trust biometric security applications at the moment (but it is only my point of view)
Yet you probably use a debit card. While I totally understand they have their differences with an external module, they too are vulnerable to tampering.
Plus, it could be possible to use the external module only as a sensor, akin to having an external keyboard to enter your password.
However that is the entire point: Only having an external sensor that passes in the fingerprint is not enough since Android requires the fingerprint to be processed in a “Trusted Execution Environment” which is not present in FP2 (afaik).
I’m sorry but I don’t get the point, we are talking about the fingerprint sensor support in FP2 for Android 6.0, not about of all the insecure hardware solutions in the world (that is: everything!)
No because if you want it to adhere to Android 6.0 specifications it violates the “secure channel to the TEE” as I stated in my previous message
Fair enough! Also: comparing general security system with systems using biometry is unfair:
There is an almost indefinitely large amount of passwords and pins you can use, if one get’s compromised, you can chooses another one. Fingerprints in contrast as generally seen as unique to your person – and you only have 10 of them to spare.
Although they’re more insecure than a password/PIN (given that you don’t leave them written on a post-it somewhere )
And depending on the kind of sensor it could be even easier. I remember an article I have read on the german c’t magazine a while ago where they were testing different biometric sensors. There where able to trick every one. Several finger print sensors could simply be fooled by blowing to them. These sensors where measure the temperature differences between the gabs and the hills of your finger prints. By blowing on the sensor they warm up the clean parts on the sensor (gabs) faster then the marks of the fingerprints, so the sensor has detected a difference and it looked exactly like the fingerprint of the last user of the sensor.
Biometric senors are simply not secure, they a just a fancy gadget.
But I wouldn’t like to have a Fingerprint sensor for a second reason. If I use it, the phone has to store the information of my Fingerprint, and if it is stored on a digital device it also can be stolen. I do not want to have this information somewhere in the world because I suspect huge possibilities to abuse this data.