In recent years, a number of large-scale information leakage events leading to network users no longer safe, secure password. If, however, exposes a more secure fingerprint data, the consequences will be more serious. Unfortunately, Suprema Biostar such a thing happened on 2 fingerprint lock. According to reports, researchers at the Biostar 2 Suprema's biometric locking system, found a security vulnerability, the system allows them access to more than one million authentication data.
According to the Guardian reported, these data include fingerprint / facial recognition data, unencrypted user names and passwords, or even employee personal information. Suprema biometric authentication system has many public companies and institutional clients - including the British Metropolitan Police, defense contractors and banks - even multinational harm the United States, Pakistan, Finland and Indonesia.
Israeli researchers Noam Rotem, Ran Locar and vpnmentor Suprema found in a security vulnerability, and obtained permission to visit Biostar 2 database. The most shocking is that after gaining access, database security researchers found a lack of proper protection, and most of the data stored in an unencrypted state, so you can easily access the total number of more than 27.8 million (more than 23GB of data)) recording.
In addition to sensitive information, security researchers can easily monitor the actual use of the stored biometric data. For example, to see which users real-time access to any facility by specific security gate, and even view the password for the administrator account. In addition, researchers can edit someone's account and add their own fingerprints. So in theory, the attacker can break through all that needs to be authorized to enter a place.