Samsung Galaxy S5 fingerprint security could be compromised by scanner flaw

Researchers from security firm FireEye have uncovered a flaw in the Samsung Galaxy S5's fingerprint scanner that allows hackers to copy the user's fingerprints and use them for nefarious purposes.

Fingerprint scanners have been hailed as the future of security and a safer alternative to the notoriously flawed password system. An increasing number of smartphones use fingerprint ID systems to unlock the device or to verify the person authorizing a transaction.

However, fingerprint scanners may not be as secure as previously believed: a number of Android devices using fingerprint ID systems, including Samsung's Galaxy S5, have been found to be potentially 'leaking' fingerprints. According to security researchers from FireEye, hackers can intercept a person's biometric data after it is captured by the built-in scanner but before it is encrypted.

The vulnerability allows hackers to access the kernel, or core, of the Android operating system using malware, after which they can monitor all data sent to and from the phone, including data recorded by the handset's built-in sensors and by the fingerprint scanner.

Android phones usually store sensitive data such as fingerprint information in a walled-off area of memory known as the Trusted Zone. Because the scanner's output can be read before it is protected, hackers can obtain images of the user's fingerprints without breaking into the Trusted Zone where the fingerprint data is stored.

The vulnerability is present only in the older versions of the Android operating system, up to and including Android 4.4. Since devices running Android 5.0 or higher do not face the risk, users with older models are being advised by security experts to update their devices as soon as possible.

Samsung has stated that it takes security "very seriously", that it is investigating the researchers' findings, and that it will patch the vulnerability as soon as possible. Researchers Tao Wei and Yulong Zhang from FireEye, who discovered the flaw, will be discussing their findings at this week's RSA conference in San Francisco.

 

Copyright © 2015 Ecumenical News