The Daily Dose

Security researchers have discovered a bombshell: HTC was storing high-resolution images of your fingerprints directly on your Android phone with little protection. In a white paper released by FireEye researchers last week, the group outlined how simple it was to recover the image files from an HTC phone, the One Max.   In the case of the One Max, HTC saved images of configured fingerprints directly to phone storage at /data/dbgraw.bmp with ‘world-readable’ permissions, meaning any app could steal the user’s fingerprints. Even worse, every time the fingerprint sensor was swiped the image was updated, so a malicious process could steal multiple images…

This story continues at The Next Web