Samsung has released a new security update, with the patch to fix the fingerprint recognition issue
Bug fixed, complete with an official apology: Samsung Electronics has released the software fix to resolve the well-known fingerprint sensor issues on its flagship Galaxy S10 and Note 10 smartphones. At the same time, Samsung apologized to users via the Samsung Customer Support app.
It all stems from a report by a British user, who told The Sun newspaper last week that her Galaxy S10 protected with a normal film worth a few euros could be unlocked with any fingerprint. The bug has been replicated by other users and admitted by Samsung but, in fact, dozens of videos showing how to hack the ultrasonic sensor of the Galaxy S10 and Note 10 have been running on YouTube for months already. The software update released by Samsung, therefore, may not solve all the reported problems, but it certainly solves the one of the protective film.
Samsung fingerprint sensor: the film problem
According to Samsung, many of the protective films for the S10 range displays have an almost invisible texture that, however, is perceived by the sensor. This texture overlaps with the actual fingerprint and, in the end, rather than recognizing the fingerprint, the sensor recognizes the texture. Which is always the same, whatever fingerprint the person trying to unlock the device has. The newly released software update solves this problem and the sensor goes back to recognizing only the fingerprint actually registered on the device.
How to fool Samsung's fingerprint sensor
It still remains to be seen if this software solution is enough to block all the "tricks" shown on YouTube in recent months. There are many tricks that have been devised to bypass the fingerprint sensor of Samsung S10 (but also of other smartphones, to be honest): from the transparent silicone fingerprint to the 3D printed one, passing through khakis and dolls, users have found many ways to bypass the fingerprint control and access the device.
Problems with banking apps
These security issues have led some banking institutions, in several countries around the world, to prevent the Samsung S10 and Note 10 from accessing their respective online banking apps. According to these banks, in fact, it would be too easy for an attacker to unlock these devices in case of theft, loss or even if the rightful owner leaves the phone for a few minutes on a table in a bar. In the coming days, these banks will decide whether the solution found by Samsung is secure enough to allow the reactivation of online banking apps on the Korean manufacturer's devices equipped with the ultrasonic sensor.