SECURITY
SECURITY
SECURITY
Samsung promises patch after user finds Galaxy S10 fingerprint reader can be fooled
It all started with a $3.50 screen protector.
Samsung Electronics Co. Ltd. said today that it will release an update for its Galaxy S10 flagship smartphone to fix a fingerprint reader vulnerability discovered accidentally by a user. The fix could come as early as next week.
The customer, who first shared the issue with a British tabloid, found that she could fool the sensor using a cheap display cover ordered online. Putting a thin layer of plastic over it allows anyone to unlock a Galaxy S10 regardless of whether they’re the owner.
It’s not the first time that the Galaxy S10 has been shown to be vulnerable. Shortly after the device hit stores in March, an anonymous security researcher showed it’s possible to unlock Samsung’s flagship phone using a photo of the handset owner’s thumb. But whereas that method requires a 3-D printer and a thumbprint sample, this latest bug can be exploited with no special tools or know-how, making it a much more serious issue.
The problem is especially severe since it’s apparently not limited to the Galaxy S10. Samsung’s Galaxy Note 10 is susceptible, too, according to a video posted on social media.
The common denominator is that both devices ship with the same ultrasonic in-screen fingerprint reader. Whereas most sensors in the category work by taking a photo of the user’s thumb, the one in the S10 and Note 10 operates more like sonar. It measures how sound waves bound back from the user’s finger to reconstruct the ridges and valleys of their fingerprint.
It’s not clear if the vulnerability is the fault of the sensor itself or the way Samsung’s devices are configured. The fingerprint reader is made by Qualcomm Inc., which claims the technology is more secure than traditional scanners because the sound-based imaging method creates a detailed model of the user’s finger that is harder to copy.
Samsung didn’t say when the security fix will become available. The company is believed to have shipped 16 million Galaxy S10 units between April and July alone, which means a lot of Android users will be updating their devices in the near future.
Image: Samsung
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
