Samsung’s security issue discovered by a UK couple has become more complex. Netizens that are concerned about this issue hold different views on it.
Views of Internet users
Some netizens don’t trust the security of this technology. They hold the view that it is the ultrasonic fingerprint scanner itself not safe enough.
Some netizens think it is because the British user registered her fingerprint when using a fully covered silicone case (that is to say, the phone also has a transparent silicone case on the screen). They believe that the ultrasonic fingerprint scanner from Samsung and Qualcomm is still the most advanced technology in the industry.
Samsung used the third generation of Qualcomm’s 3D ultrasonic fingerprint sensor, which identifies fingerprints via ultrasonic. So, the phone may scan the texture of the silicone case when the user registers a fingerprint over the silicone cover. In terms of the British couple’s case, it is the texture of the silicone case that is scanned, but not her fingerprint.
Later, a netizen said that the Samsung phone could be unlocked with the unregistered fingerprint only over a TPU film even if the fingerprint was scanned without a screen cover. If so, it would be more complex.
Why is this security issue serious?
It is essential to ensure the security of your phone because your personal information and financial details can be accessed by others via your phone. Nowadays, most payment services enable a user to make a payment with the fingerprint. That is to say, it is quite easy for anyone who can access your phone to steal your hard-earned money via your financial apps on the phone.
In this case, if your Samsung phone can be unlocked by any fingerprint, anyone can verify payment on your phone. This leaves your sensitive data and property vulnerable to hackers.
Discovery of this security issue
On Oct. 13, a UK couple discovered Samsung’s fingerprint misidentification. The wife scanned her right thumbprint with a fully covered silicone case and then unlocked her S10 with the left thumb and even her husband’s thumbprints, which shocked them.
The security issue was so serious that Samsung Electronics immediately confirmed that there were vulnerabilities about the ultrasonic fingerprint scanner on Samsung Galaxy S10 and the Note 10 series. And it advised users to stop using screen covers, remove previous fingerprints and register new fingerprints without a screen protector.
Besides, many relevant service providers took action to avoid being affected by this security flaw. For example, the Bank of China announced on Oct. 19 that it would disable the fingerprint login function for its mobile banking app on Samsung. Natwest and Nationwide Building Society, two British Banks, even removed their mobile banking apps directly from Samsung Galaxy S10. Another Israeli netizen said they were not allowed to log in to the mobile banking apps with a fingerprint.
In addition to this temporary solution, Samsung has also developed a patch to fix this problem. A software update was released by Samsung on Oct. 24 to patch the security flaw with the ultrasonic fingerprint scanner.
What else did Samsung do?
Samsung also apologized to users on “Samsung Members” and reminded them to update their biometric authentication to the latest version of the software as soon as possible. Samsung users were advised to remove the protective film, delete all previous fingerprints and re-register fingerprints.