Samsung has released a software patch to fix the Galaxy S10 smartphone security flaw with the device’s under-screen fingerprint sensor that allowed anyone to unlock the device with the aid of a screen protector.
Reuters reports Samsung issued an apology via its customer support app “Samsung Members” and told Galaxy S10 users to update their biometric authentication to the latest software version.
The problem was discovered last week in Samsung’s latest flagship device and main iPhone rival, the Galaxy S10 smartphone. The flaw allows any fingerprint to unlock the device, with the aid of a cheap screen protector.
A British woman discovered the authentication problem after she applied a cheap gel screen protector bought on eBay to her Galaxy S10.
She soon discovered the flaw by authenticating herself as the owner by pressing her left thumbprint against the device’s on-screen fingerprint sensor. Just one problem though, her left thumbprint hadn’t been registered with the device’s biometric authentication system.
She later asked her husband to try and unlock the device by pressing either of his thumbs on the on-screen fingerprint sensor. He was also able to unlock the device, even though his thumbprints hadn’t been registered on the device.
The woman then applied the same screen protector to a relative’s Galaxy S10, and the same thing happened.
Samsung admitted that the issue occurs when patterns appearing on certain cheap protectors are recognized along with fingerprints.
Samsung issued an apology on Wednesday, and told Galaxy S10 phone owners to update their biometric authentication to the latest software version.
“Samsung Electronics takes the security of products very seriously and will make sure to strengthen security through continuing improvement and updates to enhance biometric authentication functions,” the company said via the support app.
Fingerprint recognition with the S10 resulted in some banks pulling their apps from the Google Play store over concerns with the security flaw.
Good morning Robert, We've removed the app from the Play Store for customers with Samsung S10 devices. This is due to reports that there are security concerns regarding these devices. We hope to have our app available again shortly once the issue has been resolved. SY
— NatWest (@NatWest_Help) October 20, 2019