Samsung to fix Galaxy S10 flaw that allows any thumbprint to unlock the phone
Beware, if you are a Galaxy S10 owner, as a vulnerability in the smartphone allows any fingerprint to unlock the device. The news was confirmed by Samsung who told Reuters that the company is going to soon roll out a software patch to fix the flaw.
When Samsung had launched its Galaxy S10 series phones in March, it had described fingerprint authentication as a “revolutionary new biometric authentication feature”. According to Samsung, the scanner sends ultrasounds to detect 3D ridges of fingerprints in order to recognise users quickly.
News of the Galaxy S10 flaw came to light via The Sun, when a British user found that her phone could be unlocked regardless of the biometric data registered in the device.
The user, Lisa Neilson from Castleford, West Yorks, who had bought a £2.70 third-party screen protector on eBay, found that she could unlock her phone with her left thumbprint, which was not registered.
Lisa said: “Anyone can access it and could get into the financial apps and transfer funds.”
She then asked her husband to try and he too could unlock her phone with both his thumbs. When Lisa fitted the protector case on her sister’s Samsung phone, she discovered that anyone could unlock her sister’s phone too.
“This means that if anyone got hold of my phone they can access it and within moments could be into the financial apps and be transferring funds.
“It’s a real concern,” Lisa said.
“We called Samsung because we thought there was a fault with the phone.
“The man in customer services took control of the phone remotely and went into all the settings and finally admitted it looked like a security breach.
“They said someone in another department who could investigate would call us but we still haven’t heard anything from them.”
According to Samsung’s customer support app, the patterns of some third-party screen protectors apparently can be recognized by Galaxy S10’s ultrasonic fingerprint scanner.
“The issue can happen when patterns of some protectors that come with silicone phone cases are recognized along with fingerprints,” a notice on its customer support app reads.
“Samsung Electronics is aware of the case of the S10’s malfunctioning fingerprint recognition and will soon issue a software patch,” the company said in a statement.
“We recommend all customers to use Samsung authorized accessories, specifically designed for Samsung products.”
South Korea’s online-only KaKao Bank has instructed its customers who own Galaxy S10 phones to switch off the fingerprint-recognition option to log into its services until the issue is fixed.