Samsung Galaxy S10 Fingerprint Sensor Allegedly Bypassed with a Cheap Gel Screen Protector

A woman in Castleford, UK, discovered that a £2.70 ($3.40) full screen protector for her Samsung Galaxy S10 allowed everyone access via the thumbprint authentication.

Thumbprint authentication is now a widely used form of security, also used in essential services such as online banking. Phone manufacturers and users alike put a lot of faith into it, so any failures cause serious concern.

The latest Samsung Galaxy S10 comes with an in-display fingerprint reader. This technology was announced a long time ago, but it took a while for manufacturers to make it work. The placement of the new fingerprint reader means that Samsung can leave the back of the phone clear, except for the camera.

According to a media report, UK resident Lisa Neilson said that, after she fitted a gel cover on her Samsung Galaxy S10, anyone holding the phone was able to access it. Some people speculated that her initial fingerprint was trapped between the display and the cover, but the situation is a little bit more complicated.

The fingerprint reader in the Samsung Galaxy S10 is built by Qualcomm and uses sound waves to map the surface of the fingerprint. When those waves travel through yet another medium, like a screen protector, problems arise.

A Forbes story says that a Chinese manufacturer of cheap screen protectors found out the hard way that their products wouldn’t work on new S10 phones. So they made some changes to the gel surface to accommodate the new fingerprint reader, but in doing so provided access to anyone trying to use the phone.

Samsung’s initial reaction was to say that people should use only authorized accessories, but that’s not really the main issue. In theory, if you’re phone is stolen, the thief would only have to slap a gel cover on to access your device.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: