Some Banks Drop Fingerprint Authentication for Samsung Galaxy S10 Users after Gel Cover Hack

Following reports that a simple gel cover can let people bypass fingerprint authentication on Samsung Galaxy S10 phones, a few banking institutions disabled the fingerprint authentication on their apps for this model.

Cybersecurity Live - Boston

A recent Android Police report said the UK’s NatWest and Nationwide Building Society already took measures to counteract this problem. NatWest chose to remove the app completely from the store for Samsung owners until the company issues a fix.

The fingerprint sensor on Samsung Galaxy S10 devices is embedded in the display and uses ultrasounds to map the surface of the fingers. It’s very precise, but it turns out that if you use a particular type of gel screen protector, anyone can log in, leaving the phone wide open.

A phone thief could easily access your account if the banking app uses fingerprint authentication and not a PIN. Losing a phone can quickly transform into a much larger problem.

Samsung already acknowledged the issue in a statement:

“If you currently use front screen protective covers, to ensure optimum fingerprint scanning, please refrain from using this cover until your device has been updated with a new software patch. A software update is planned to be released as early as next week, and once updated, please be sure to scan your fingerprint in its entirety, so that all portions of your fingerprint, including the center and corners have been fully scanned.”

It doesn’t really matter if people use official accessories from Samsung since this is not the main issue. If you have a Samsung Galaxy S10, delete stored prints and secure the phone with a PIN or pattern until the patch arrives.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at:

API Poll

Step 1 of 5

Do you have an API security project in 2022?