Home » Android » Android – Where and how securely is fingerprint information stored in a device

Android – Where and how securely is fingerprint information stored in a device

Posted by: admin June 15, 2020 Leave a comment

Questions:

I have been reading quite a bit about fingerprint sensors and their growing presence in smart phones. I understand that at the basic level, there is a digital image that gets registered and it serves as a template for authentication. I understand that fingerprint related processing takes place in a Trusted Execution Environment. However, I would like to know where the “template” gets saved and in what format?

How to&Answers:

Trusted Execution Environment (TEE)

Google has made a noteworthy step in the right direction by moving all print data manipulation to the Trusted Execution Environment (TEE) and providing strict guidelines for fingerprint data storage that manufacturers must follow.

  • All fingerprint data manipulation is performed within TEE

  • All fingerprint data must be secured within sensor hardware or trusted memory so that images of your fingerprint are inaccessible

  • Fingerprint data can be stored on the file system only in encrypted form,
    regardless of whether the file system itself is encrypted or not

  • Removal of the user must result in removal of the user’s existing fingerprint data

  • Root access must not compromise fingerprint data

enter image description here

Data Source infinum.co