A Reddit user has managed to use the fingerprint reader that Xiaomi installs under the screen as if it were a camera and see what the reader perceives with the sensor.
Under-screen readers are ushering in a new era in biometric phone security. They are simply used to read the grooves of our fingers and unlock the phone, but a user has been able to access some hidden data of this function and see what the sensor records from below the screen, which could mean a security risk.
On the Reddit platform this user has explained the process he has followed to gain access to the optical fingerprint sensor of a Xiaomi Mi 9T. With the app Activity Launcher, this user has managed to find activities apparently hidden from the rest of the users.
Obviously, the fingerprint readers under the screens only manage to detect the fingerprint that we stick to the screen. With powerful beams of light, Xiaomi sensors detect the furrows in the skin of our fingertips, that is what has been captured in the calibration menus of the Xiaomi tool, which should only be accessed by developers.
A Redditor found a hidden activity on a Xiaomi phone that lets you see the raw feed from Goodix’s optical under-display fingerprint scanner.https: //t.co/RKpjDTdgzG
OEMs really shouldn’t be leaving these debug apps in production builds … pic.twitter.com/fnEpvPZtol
– Mishaal Rahman (@MishaalRahman) August 10, 2020
We are not talking about a camera that can take selfies nor invade our privacy taking pictures, it’s a much more basic sensor, but it’s still a risk. Developers use this type of debugging tools, like the one this user has used, to address problems or optimize processes within their applications where authentication may be required.
However, applications such as Activity Launcher allow accesses so hidden Like seeing what the fingerprint reader is picking up and being able to record the drawing of our finger, it can be a very big risk. Fingerprint readers must have a security system in the device processor to that it is not so easy to access and copy your data.
Following the example of this user, others have tried to do the same with the sensors of their device. That ordinary users have these tools at their fingertips does not seem very appropriate. One in particular, with a Poco F2 Pro phone, when trying to enter the calibration menus, he encountered a problem and your fingerprint sensor has stopped working.