Mike, Head of Mobility Security at Bank Ltd, wants to disable all fingerprint authentication from devices. He believes that an image of the biometric data is extracted from the devices and stored in Google Cloud. Which of the following facts would you use to ease Mike's concern?
Choose an answer
Tap an option to check your answer.
Correct answer: A biometric template cannot be copied to another device because it is signed with a device specific key when stored in the TEE., The device does not take an image of the print but a biometric model that then uses an algorithm to create a mathematical template.
Why this is the answer
Mike's concern stems from a misunderstanding of how biometric data is handled on Android devices. The two correct options address this directly. First, the device does not store a raw image of a fingerprint. Instead, it creates a mathematical template from the biometric data. This template is a numerical representation, not a reconstructible image, significantly reducing the risk of misuse even if accessed. Second, this biometric template is stored securely within the device's Trusted Execution Environment (TEE) and is cryptographically bound to that specific device using a device-specific key. This means the template cannot be extracted and used on another device, preventing unauthorized access or replication. The incorrect options are misleading: biometric data is not stored as images on the filesystem for Google to access, nor is it common practice for cloud companies to store biometric data for compliance.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed