Samsung has issued a software patch for its Galaxy S10 smartphone to fix a flaw in the under-screen fingerprint sensor that allowed anyone to unlock the device with the help of a cheap screen protector (via Reuters).
The problem was brought to light last week, when a British user who applied a gel screen protector to her Galaxy S10 subsequently discovered that unregistered fingerprints could be used to unlock the device.
Samsung later admitted the issue can happen when patterns appearing on certain protectors that come with silicon cases are recognized along with fingerprints.
On Wednesday, Samsung issued an apology via its customer support app Samsung Members and told Galaxy phone owners to update their biometric authentication to the latest software version.
"Samsung Electronics takes the security of products very seriously and will make sure to strengthen security through continuing improvement and updates to enhance biometric authentication functions," the company said via the support app.
The Galaxy S10 is the latest in Samsung's flagship S series, which is updated each year and regarded as the iPhone's main rival, but the fingerprint recognition problem in its latest smartphone has already caused reputational damage, with some banks pulling their apps from the Play store in response to the security flaw.
Good morning Robert, We've removed the app from the Play Store for customers with Samsung S10 devices. This is due to reports that there are security concerns regarding these devices. We hope to have our app available again shortly once the issue has been resolved. SY — NatWest (@NatWest_Help) October 20, 2019
Samsung originally aimed to bring an under-display fingerprint sensor to its smartphone line-up in 2018, but canceled the feature at the last minute due to similar technical issues surrounding the use of screen protectors.
In March, the Korean company launched the S10 with much fanfare and promoted its first commercial under-screen fingerprint recognition solution as "revolutionary" at the time.
Top Rated Comments
Yes, they’ve issued a patch and maybe this really does fix things. But to get something so critical so wrong makes me skeptical. Press releases aside, that doesn’t demonstrate they take security very seriously.
We’ll see what third party testing demonstrates, but for now, I’d be cautious
1: Class Action
2: Letters to Apple demanding an explanation from some random Senators/Congress Person/Oversight committee who have no idea about technology but want to make a splash in the news.
How do you explain that?
Just as some (most) clear cases have a texture to prevent the phone from having that wet bubble look, the “screen protector” in question has the same thing. The fingerprint sensor is reading that texture as the fingerprint during registration, not the users’ actual fingerprint. So, with the texture being read anyone can unlock the phone, as that pattern is what was actually registered.