Samsung has acknowledged the existence of a security flaw on the Galaxy S10 which allows any fingerprint to unlock the phone. The company also promised to push a software patch that would fix the issue pretty soon.
The software flaw was first reported by a British woman whose Galaxy S10 unit was successfully unlocked by her husband’s thumbprint after fixing a cheap screen protector on the device. The lady had bought a £2.70 gel screen protector on eBay and then noticed her left thumbprint, which was not registered could also unlock the phone. Both of her husband’s thumbs could also unlock the phone. The same scenario played out when the screen protector was added to another relative’s phone which we believe is also a Galaxy S10.
The Galaxy S10 was launched in March this year and it came as the company’s first phone to feature an ultrasonic fingerprint scanner. The ultrasonic fingerprint sensor was touted to be a “revolutionary” piece of tech. But the fingerprint authentication feature has been unarguably the most controversial feature onboard the amazing device. The scanner sends ultrasounds to detect 3D ridges of fingerprints in order to recognise users.
EDITOR’S PICK: AI expert Daniel Povey hints at joining Xiaomi; Is XiaoAI going global soon?
In January this year, before the Galaxy S10 went official, US accessory maker Armadillotek had hinted that the device was tested with a screen protector and the fingerprint sensor didn’t work. The screen protector is said to leave a small air gap that interfered with the scanning. This is likely different as the cheap screen protector was able to unlock it meaning it scanned.
It was also discovered earlier on that the screen could be unlocked using a 3D printed version of the owner’s fingerprint. This again called to question the security of the fingerprint sensor.
This is the first-gen under-display fingerprint scanner from Samsung so we may give them the benefit of doubt that it has not been perfected. So, you should know it cannot be relied upon for secure transactions and other important biometric uses. Already, South Korea’s online-only KaKao Bank has instructed customers to switch off the fingerprint-recognition option to log in to its services until the issue was fixed.
UP NEXT: Xiaomi crowdfunded 17PIN Thermos features a digital temperature display
(via)
