1

I understand the Android/iOS biometric subsystems are not designed for exposing 'finger print ids' outside of their proprietary internal APIs used for unlocking the device, etc.

However, can the sensor itself be used to collect finger print data to send to a third party source, e.g. used as a basic sensor?

Vikasdeep Singh
  • 20,983
  • 15
  • 78
  • 104
Jeremy Smith
  • 1,349
  • 8
  • 15
  • From the Android fingerprint HAL implementation guidelines: _"Raw fingerprint data or derivatives (e.g. templates) must never be accessible from outside the sensor driver or TEE. If the hardware supports it, hardware access must be limited to the TEE and protected by an SELinux policy"_. So neither apps, nor the OS itself ever gets access to the actual fingerprint data. – Michael Sep 05 '18 at 09:07
  • It's interesting that Google/Apple take explicit measures to protect a users identity while external fingerprint readers are abundant and violate every measure taken to keep the identities private. – Jeremy Smith Sep 05 '18 at 13:55

1 Answers1

2

As per my understanding it should not, actually it will not work (Android and iOS both) as basic sensor to collect data and send out of device.

It is against the security policies and which I think any OS will not allow.

Hope it will help.

Vikasdeep Singh
  • 20,983
  • 15
  • 78
  • 104