A Xiaomi User Was Able to Turn Fingerprint Sensor into a Functioning but Horrendous Camera
Optical fingerprint sensors have become commonplace for smartphones that are not using the more advanced ultrasonic fingerprint sensors. For those who don't know, these fingerprint sensors are essentially cameras that scan your fingerprint for the purpose of authentication. These are found in phones ranging from Oppo, Xiaomi, OnePlus, and even Samsung and they are moderately successful and risk-free, as well.
However, the recent revelation reveals that the optical fingerprint scanner on your phone might not be as secure as you may think, in the first place. As showcased by a Reddit user on their Xiaomi Mi 9T, users can access the imagining feed from the fingerprint sensor on the device and all they have to do is install an Activity Launcher app. A simple app that gives users access too hidden activities that are within their device.
Xiaomi User Shows How Easy it is to Access the Camera of Optical Fingerprint Sensor
As one would expect, the quality of the camera is horrid at best, the video feed is full of jitters and the actual image is extremely low resolution, to a point that is almost impossible to make something out of the camera. But then again, fingerprint sensors are not really made for focusing beyond the glass on which your finger is resting, so the possibility of spying through this is almost impossible.
However, that is not the only worrying part. Considering how the end-users can actually gain access to fingerprint sensor's data, this leaves a world of possibilities and potential security risks as well. One of the biggest damage could be done through all the apps that require you to use fingerprint login. I know my bank apps allow for that and after this, I would be more than careful to use something like this to log in to my app. Getting access to one's fingerprints can be a lot easier and simpler through this malicious hack. You can see it in action below.
It is clearly not safe by any means, and we are not sure if Xiaomi will be doing anything to patch this up.