The hack relies on photographing a latent print from something like a glass in a bar, then using lab techniques to transfer the image of the print into wood glue, which is then applied to someone else’s finger to activate the sensor …
The researchers point out that the risk is greater with the S5 because it never requires a passcode, even after a reboot – and because a fingerprint can be used to authorise a PayPal payment without any additional security.
However, it should be stressed that the hack is non-trivial, requiring some fairly specialist kit and physical access to the phone for several hours. Provided you realise the phone is gone within this time, you can remotely wipe it.
FTC: We use income earning auto affiliate links. More.