Samsung Confirms Huge Galaxy S10 Fingerprint Security Flaw, Any Fingerprint May Unlock Your Phone
Using a screen protector is a common way to help prevent smartphone displays from getting scratched, scuffed, or even shattered. On the Galaxy S10 series, however, it's been discovered that a screen protector can inadvertently prevent the in-display fingerprint sensor from working correctly.
The issue was brought to light by Lisa and Wes Neilson, a couple living in the UK. Lisa had purchased an inexpensive screen protector on eBay, applied it to her Galaxy S10, and set up the phone to unlock using her right thumb. But after do so, Wes found he was also able to unlock her phone with either of his thumbs, even though he never registered a fingerprint on the phone.
"This means that if anyone got hold of my phone, they can access it and within moments could be into the financial apps and be transferring funds. It's a real concern. We called Samsung because we though there was a fault with the phone," Lisa told The Sun.
Samsung subsequently traced the issue to the use of certain screen protectors. The Galaxy S10 touts a special sensor that uses ultrasonic pulses to detect the 3D ridges and valleys to map out a fingerprint. However, some protectors interfere with the mechanism and get detected as well, due to the patterns on them.
It's a surprisingly simple end-around to thwarting what Samsung has billed as a "revolutionary" sensor, and one that "received the world's first FIDO Alliance Biometric Component Certification."
Fortunately, this is apparently addressable through a firmware update—Samsung is planning to issue a patch in the near future to fix the flaw. Until then, Galaxy S10 owners may want to consider disabling fingerprint recognition and set up an alternative security method.