Six-month-old Galaxy S10 bug lets strangers bypass your fingerprint scan, Samsung admits
- 18 October, 2019 01:00
The Galaxy S10 should be free of bugs by this point, but Samsung has admitted that a pretty big one is still out there. According to the company, some third-party screen protectors could allow anyone to bypass your in-display fingerprint authentication.
The bug was first reported by The Sun in the UK, who was tipped off by a reader. After Lisa Neilson, from Castleford, West Yorks, bought a cheap “gel cover” to protect her Galaxy S10’s screen, she quickly learned that she could use any of her fingers to unlock it, despite only registering her right thumb. Her husband was also able to unlock her phone with an unregistered fingerprint. After calling Samsung, the company admitted it was a security bug and said it would investigate the problem.
It’s unclear how the security snafu works, but presumably some screen protectors will leave enough of the contours of your fingerprint behind to trick the scanner into thinking your finger is the one being scanned. Once the system picks up the print, it automatically unlocks the phone. While it works on a fix, Samsung has advised against using third-party accessories with your Galaxy S10: "We are aware of the case of S10's malfunctioning fingerprint recognition and will soon issue a software patch. … We recommend all customers to use Samsung authorised accessories, specifically designed for Samsung products.”
The Galaxy S10 uses an ultrasonic in-display ultrasonic fingerprint sensor that uses sound to read your fingerprint rather than light. In my testing I found it to be finicky and unreliable, though I wasn’t able to reproduce this bug. Google's new Pixel 4 is one of the first U.S. Android phones to dump the fingerprint sensor entirely in favor of 3D facial recognition, so the S10 might be one of the last phones to use the tech. In the meantime, however, you might want to be careful about what you put on your phone's screen.