If you followed our old incarnation of the site or listened to our old podcast, you know we have always said to wait to purchase new devices. They need to get the kinks out of it first. Many flaws, like Apple, allow people to gain access through your lock screen. However, this is a new one for Samsung. The Samsung biometric security flaw is definitely one for the books. Don’t worry though. There is a patch in the works.
Late last week, a report published in The Sun claimed that the Samsung Galaxy S10’s in-display fingerprint sensor has a security flaw. It appears certain “gel cover”-style screen protectors can confuse the ultrasonic sensor. If you register a fingerprint while the cover is applied, then the phone can start unlocking itself for anyone’s fingerprint, not just those you’ve registered. That’s one major security flaw.
After initially issuing a statement saying that customers should only use “Samsung authorized accessories” with their device, Samsung now says it’s going to fix the issue. The company told BBC News that it is “aware of the case of S10’s malfunctioning fingerprint recognition and will soon issue a software patch.” That was a few days ago.
Now, we know that the Samsung biometric security flaw affects all Galaxy S10 and Note 10 devices. That includes the Galaxy S10, S10 Plus, and S10 5G, as well as the Galaxy Note 10 and Note 10 Plus. So, basically anything that is an S10.
According to Samsung, the issue is caused by the phones’ ultrasonic fingerprint sensor incorrectly reading 3D patterns in the screen protector as fingerprints. As a result, any person could then unlock a phone wrapped in such a case, creating a security issue. This could be a reason why Apple has been very resistant to the idea of an ultrasonic sensor versus facial recognition.
Until the patch is the Samsung biometric security flaw, Samsung is advising users not to use any gel covers. They instruct users to remove the cover, delete any previously-registered fingerprints, and then re-register them without the cover applied. If you’re using the screen protector that came pre-applied to your phone then you should be fine. The operative word there is “should” until you’re not. But for everyone else, it couldn’t hurt to try and unlock your device with a non-registered fingerprint, just to check.