Samsung promises to fix bizarre Galaxy S10 bug breaking in-display fingerprint security
UPDATE: To highlight just how seriously the company is taking this matter, Samsung has issued a formal and complete statement on the nature of the glitch and its impending fix. Apparently, the in-display fingerprint sensor on not just the Galaxy S10, but the S10+, S10 5G, Note 10, and Note 10+ as well, has been erroneously identifying "three-dimensional patterns on certain silicone screen protecting cases as users' fingerprints."
For the time being, you're advised to "refrain from applying a silicone screen protecting case to your device", as well as delete "all previous fingerprints and newly register your fingerprints" if you've recently experienced any trouble. A software update will properly address the bug "beginning next week", after which you should be able to go back to using the protective accessories of your choice without fearing a massive security breach. The original story follows.
We always knew the in-display fingerprint recognition method employed by the Galaxy S10 and many other "modern" high-end Android smartphones was... not ideal from a speed and accuracy standpoint, but until recently, we had no idea how insecure it could be in a particularly bizarre and mundane scenario.
According to The Sun, which is not an altogether respectable British publication, a 34 year-old woman from a little town in West Yorkshire, England was shocked to discover one of those dirt-cheap screen protectors you can buy on eBay somehow totally broke the fingerprint authentication security on her state-of-the-art Galaxy S10.
Because we know exactly what you're thinking, let us highlight we have our own doubts regarding the veracity of this story, but Samsung appears to have confirmed there is indeed something seriously wrong with the fingerprint scanning system of the S10.
Major glitch discovered, software patch incoming
After applying a "gel cover" on top of her Galaxy S10 to protect the screen from scratches, a woman named Lisa Neilson accidentally unlocked the phone by using her left thumb. That wasn't supposed to happen since the handset's owner allegedly registered only her right thumb print as a theoretically secure method to access all the personal information on the GS10.
Lisa quickly found out that the device could be unlocked using any of her digits, and worse yet, her husband had no problem doing the same even though none of his prints were registered prior to acquiring the unnamed £2.70 ($3.45) screen protector. While we presume the issue could be easily fixed by removing the third-party protective accessory, its presence and manifestation remain extremely concerning.
For its part, Samsung seems to have reacted to this vexing report with swiftness and readiness to act, promising to deliver a software update in the near future to make fingerprint security great again. At the same time, the company is strongly recommending the use of "authorized accessories, specifically designed for Samsung products", which is generally a good point but doesn't feel particularly relevant right now. Granted, in-display fingerprint sensors are not known for playing well with "unauthorized" screen protectors, but that doesn't explain or justify the very serious security glitch taking place here.
After all, there's a big difference between an unresponsive or completely nonfunctional fingerprint recognition system and one that can't distinguish the rightful owner of a phone from a possible intruder just because something is covering up the screen.
What in the world might have happened?
Because Samsung isn't ready to offer a thorough explanation yet, we're left scratching our heads as to the exact nature of this weird bug. For those who may not remember, the Galaxy S10 and S10+ were universally criticized at launch, including in our own in-depth review, for various fingerprint scanning performance issues. But the performance and reliability of the "invisible" biometric sensor were the only things panned by reviewers and early adopters, not to mention Samsung improved all that with a couple of software updates.
Of course, it didn't take long for someone to design a way to hack the fingerprint reader, but this time around, you need no skills whatsoever and little to no effort to bypass the S10 biometric security. Clearly, something about this specific screen protector or a certain type of cover causes the ultra-advanced ultrasonic system to misbehave, most likely leaving a gap between the actual display and the protective accessory that somehow disables the functionality of the screen-embedded scanner.
As its name suggests, this uses ultrasound technology to detect the ridges that make every single human fingerprint unique. We'll obviously have to wait for Samsung to complete its "internal investigation" before providing a detailed explanation of what went wrong. In the meantime, you may want to heed the company's advice and take no risks whatsoever on third-party accessories.
Now would also be a good time to remind you Samsung is expected to vastly improve the in-display fingerprint scanner on its next flagship device. This latest controversy might also explain why Google decided to focus all its biometric development resources on 3D face unlock technology and why Apple continues to hesitate to bring back Touch ID in a modernized form.