@red Scary reading ,but good for NXR tech the following was a...

@red
Scary reading ,but good for NXR tech
the following was a cut and paste from the address you posted , was surprised at how easy they were able to hack.

info from @red post.

The spoofing method is one of four attacks the FireEye researchers recently discovered that exploit major security flaws in Android smartphones with fingerprint sensors which they say make them more vulnerable than Apple’s Touch ID system.
FireEye’s researchers — which comprises of Yulong Zhang, Zhaofeng Chen, Hui Xue and Tao Wei — discovered a flaw in HTC One Max in which fingerprint data is stored as an image file (dbgraw.bmp) in a open “world readable” folder.
“Any unprivileged processes or apps can steal user’s fingerprints by reading this file,” said the team, adding that the images can be made into clear prints by adding some padding.
In another spoofing scenario, FireEye demonstrates how attackers can have third-party money transfers authenticated by displaying a fake lock screen prompting unsuspecting victims to scan their fingerprints to unlock the device.

“To make the situation even worse, each time the fingerprint sensor is used for auth operation, the auth framework will refresh that fingerprint bitmap to reflect the latest wiped finger,”
the team said. “So the attacker can sit in the background and collect the fingerprint image of every swipe of the
victim.”
The fingerprint sensors embedded in the smartphones are only restricted to root privilege, and not system,
which makes it easier for attackers to find a workaround.