A major security flaw has been discovered in Samsung’s latest flagship device, the Galaxy S10 smartphone. The flaw allows any fingerprint to unlock the device, with the aid of a cheap screen protector.
The BBC reports a British woman discovered the authentication problem after she applied a cheap gel screen protector bought on eBay to her Galaxy S10.
She soon discovered the flaw by authenticating herself as the owner by pressing her left thumbprint against the device’s on-screen fingerprint sensor. Just one problem though, her left thumbprint hadn’t been registered with the device’s biometric authentication system.
She later asked her husband to try and unlock the device by pressing either of his thumbs on the on-screen fingerprint sensor. He was also able to unlock the device, even though his thumbprints hadn’t been registered on the device.
The woman then applied the same screen protector to a relative’s Galaxy S10, and the same thing happened.
Samsung has stated that it is “aware of the case of S10’s malfunctioning fingerprint recognition and will soon issue a software patch.”
Previous reports have indicated that some screen protectors are incompatible with Samsung’s reader because they leave a small air gap that interferes with the scanning.
The sensor uses ultrasound to detect the microscopic ridges that make every fingerprint unique. (Well, unless you have a screen protector on your device, apparently.)