Samsung has issued a software patch for its Galaxy S10 smartphone to fix a flaw in the under-screen fingerprint sensor that allowed anyone to unlock the device with the help of a cheap screen protector (via Reuters).

samsung galaxy s10 lineup 2019
The problem was brought to light last week, when a British user who applied a gel screen protector to her Galaxy S10 subsequently discovered that unregistered fingerprints could be used to unlock the device.

Samsung later admitted the issue can happen when patterns appearing on certain protectors that come with silicon cases are recognized along with fingerprints.

On Wednesday, Samsung issued an apology via its customer support app Samsung Members and told Galaxy phone owners to update their biometric authentication to the latest software version.

"Samsung Electronics takes the security of products very seriously and will make sure to strengthen security through continuing improvement and updates to enhance biometric authentication functions," the company said via the support app.

The Galaxy S10 is the latest in Samsung's flagship S series, which is updated each year and regarded as the iPhone's main rival, but the fingerprint recognition problem in its latest smartphone has already caused reputational damage, with some banks pulling their apps from the Play store in response to the security flaw.


Samsung originally aimed to bring an under-display fingerprint sensor to its smartphone line-up in 2018, but canceled the feature at the last minute due to similar technical issues surrounding the use of screen protectors.

In March, the Korean company launched the S10 with much fanfare and promoted its first commercial under-screen fingerprint recognition solution as "revolutionary" at the time.

Tags: Samsung, Galaxy S10

Top Rated Comments

jimothyGator Avatar
jimothyGator
47 months ago
If I were an S10 user, I’d still be leery. It’d make some sense if a screen protector prevented the phone from recognizing a valid fingerprint, but to make it accept any fingerprint? That suggests a pretty lax system. It’s as if the software is saying, ah heck, I can’t read this fingerprint at all! Come on in!

Yes, they’ve issued a patch and maybe this really does fix things. But to get something so critical so wrong makes me skeptical. Press releases aside, that doesn’t demonstrate they take security very seriously.

We’ll see what third party testing demonstrates, but for now, I’d be cautious
Score: 14 Votes (Like | Disagree)
JohnApples Avatar
JohnApples
47 months ago
Can you imagine if an iPhone had this flaw? People here would be demanding Tim’s head on a platter, news sites would be reporting non-stop on the “biggest security flaw in the past decade”, and there would be droves of people vowing to boycott Apple until Steve was resurrected from the dead.
Score: 10 Votes (Like | Disagree)
sinsin07 Avatar
sinsin07
47 months ago

Can you imagine if an iPhone had this flaw? People here would be demanding Tim’s head on a platter, news sites would be reporting non-stop on the “biggest security flaw in the past decade”, and there would be droves of people vowing to boycott Apple until Steve was resurrected from the dead.
You forget two things:
1: Class Action
2: Letters to Apple demanding an explanation from some random Senators/Congress Person/Oversight committee who have no idea about technology but want to make a splash in the news.
Score: 9 Votes (Like | Disagree)
realtuner Avatar
realtuner
47 months ago

It’s not an air gap that is fooling the sensor.

Just as some (most) clear cases have a texture to prevent the phone from having that wet bubble look, the “screen protector” in question has the same thing. The fingerprint sensor is reading that texture as the fingerprint during registration, not the users’ actual fingerprint. So, with the texture being read anyone can unlock the phone, as that pattern is what was actually registered.
Your missing the example where the fingerprint was registered without a screen protector and placing a case on the phone allowed a different finger to unlock it.

How do you explain that?
Score: 8 Votes (Like | Disagree)
csurfr Avatar
csurfr
47 months ago

kind of makes you wonder how exactly an air gap can fool the sensor. doesn’t the sensor need to read certain values to check against the saved fingerprint to see if they match?
It’s not an air gap that is fooling the sensor.

Just as some (most) clear cases have a texture to prevent the phone from having that wet bubble look, the “screen protector” in question has the same thing. The fingerprint sensor is reading that texture as the fingerprint during registration, not the users’ actual fingerprint. So, with the texture being read anyone can unlock the phone, as that pattern is what was actually registered.
Score: 8 Votes (Like | Disagree)
Sasparilla Avatar
Sasparilla
47 months ago

An embarrassing mess up that should never have happened... amateur your for Samsung.
And don't forget Google with their faceID without eye focus. Good thing Apple never does things like that and then drags their feet fixing them (if only I could get my MacBook keyboard keys to all work...).
Score: 4 Votes (Like | Disagree)
Read All Comments

Popular Stories

google drive for desktop1

Google to Roll Out New 'Drive for Desktop' App in the Coming Weeks, Replacing Backup & Sync and Drive File Stream Clients

Tuesday July 13, 2021 1:18 am PDT by
Earlier this year, Google announced that it planned to unify its Drive File Stream and Backup and Sync apps into a single Google Drive for desktop app. The company now says the new sync client will roll out "in the coming weeks" and has released additional information about what users can expect from the transition. To recap, there are currently two desktop sync solutions for using Google...
Read Full Article41 comments