Samsung’s Fancy Galaxy S10 In-Display Ultrasonic Fingerprint Scanner Has Been Duped

by Brandon Hill — Saturday, April 06, 2019, 11:20 AM EDT

One of the hallmark features of Samsung’s new Galaxy S10, Galaxy S10+and Galaxy S10 5Gsmartphones are their use of in-display ultrasonic fingerprint readers. These newfangled sensors replace the tried and true optical fingerprint sensors that have been positioned on the backs of Samsung flagships for the past few generations.

While Samsung touts the ease-of-use and security of this newest biometric authentication system, one person was able to defeat the system with an admittedly relatively laborious workaround. A researcher who goes by darkshark9 was able to trick the Galaxy S10’s ultrasonic fingerprint sensor with a well thought out facsimile.

Before we go further, we should explain that ultrasonic sensor can create a virtual 3D image of your fingerprint using high-frequency sound waves. This allows the sensor to capture incredibly minute details and ridges in your fingertips rather than the 2D image captured by a traditional sensor. In practice, it should offer a more secure more method of authentication for a device.

Darkshark9 first took a picture of a fingerprint that he left behind on the side of a wine glass. He then opened the image in Photoshop, increased the contrast and created an alpha mask. From there, he ported the file over to 3ds Max where he was able to use geometry displacement to create a stunningly accurate, raised 3D model of his captured fingerprint.

He next used an AnyCubic Photon LCD resin printer to make a useable “fingerprint” to fool the Galaxy S10’s reader (the printer is accurate to within 10 microns). If you follow the source link, you can also watch a quick video showing the smartphone being unlocked with the 3D printout.

We shouldn’t be too surprised to see a workaround for Samsung’s ultrasonic fingerprint sensor. Optical sensors have been fooled in the past by researchers (and everyday people), and even Apple’s Face ID biometric system isn’t completely foolproof.

In everyday practice, while we doubt that someone would go through such trouble just to gain access to your smartphone (unless you’re some high-profile target), just think of the fingerprint reader as more of a convenience feature than a vault-like security system for your personal data.

Tags: Samsung, security, (krx:005930), fingerprint sensor, galaxy s10

Brandon Hill

Brandon received his first PC, an IBM Aptiva 310, in 1994 and hasn’t looked back since. He cut his teeth on computer building/repair working at a mom and pop computer shop as a plucky teen in the mid 90s and went on to join AnandTech as the Senior News Editor in 1999. Brandon would later help to form DailyTech where he served as Editor-in-Chief from 2008 until 2014. Brandon is a tech geek at heart, and family members always know where to turn when they need free tech support. When he isn’t writing about the tech hardware or studying up on the latest in mobile gadgets, you’ll find him browsing forums that cater to his long-running passion: automobiles.

Opinions and content posted by HotHardware contributors are their own.

Which New GPU Is For You?

Stay updated with the latest news and updates. Subscribe to our newsletter!

Subscribe Now