It's been proven that hackers can manipulate your screen with fake taps through specific exploits, so they can potentially hit the "Grant" button when you get a superuser request. This is the last thing you'd want to happen since the malicious app from that point forward has full system privileges. Luckily, using a fingerprint to lock your superuser requests can prevent this.
Although not as common as your typical run of the mill malware, there are malicious apps out there that will use root access to try and gain control of your system. As a root user, these types of apps are more dangerous threats to you and your personal data since they have the freedom to do whatever they please. Why take a chance when hackers are always looking for new ways to exploit the system?
The fingerprint authentication used by Magisk is the very same system-level API that is tied to your phone when you unlock it — it doesn't use an external method for obtaining your biometrics. Google enforces this for any app that has a fingerprint feature, which further solidifies your level of security across all apps. Your data is stored on your device only — no one has access to it but you.
Enabling Fingerprint Authentication in Magisk
Open the Magisk Manager app, tap the menu button on the left, then go to the "Settings" section. Scroll down to the bottom of the page and turn on the "Enable Fingerprint Authentication" option. As long as you have a fingerprint already registered for unlocking your phone, Magisk will ask you to authenticate it once to confirm your choice.
After confirming your biometrics, any new superuser request that comes through Magisk will ask for fingerprint authentication versus the typical "Grant" or "Deny" responses. To ensure this works correctly, also make sure the "Automatic Response" option is set to "Prompt." If it's set to grant permissions automatically, for example, it will override your fingerprint security altogether.
Being able to use root access to do all sorts of new system altering tweaks and changes is pretty impressive, to say the least. However, it's not very fun if a rogue app tries to hijack your system using the same root access. Now you can control all superuser requests with your fingerprint, which means your device is even more secure than it was beforehand. Enjoy!
Hot Deal: Set up a secure second phone number and keep your real contact details hidden with a yearly subscription to Hushed Private Phone Line for Android/iOS, 83%–91% off. It's a perfect second-line solution for making calls and sending texts related to work, dating, Craigslist sales, and other scenarios where you wouldn't want to give out your primary phone number.
1 Comment
Ahh, prompt. That's why it seemed like it wasn't doing anything special.
Share Your Thoughts