Samsung's Galaxy S10 & Note 10 carries major security flaw!
Rachel Kim , Oct. 18, 2019, 9:38 a.m.
Some users of Samsung's latest flagship phones, the Galaxy S10 and Note 10, have found that anyone can get through the fingerprint-access lock simply by fitting a cheap screen protector. Samsung has admitted the flaw but is stumped. If it fails to solve the issue quickly, it could face a debacle like the exploding Galaxy Note 7s back in 2017.
British daily the Sun quoted a woman in the northeastern English town of Castleford as saying that anyone could access her Samsung phone after she fitted it with a £2.70 screen protector she bought on eBay. "This means that if anyone got hold of my phone they can access it and within moments could be into the financial apps and be transferring funds," she told the daily. One Galaxy S10 user in Korea later made the same claim on an IT website and said Samsung only told him to use certain authorized screen protectors instead.
Earlier this year, Samsung boasted that the ultrasonic fingerprint-recognition program, used for the first time in the S10 and Note 10, would offer "enhanced security." Samsung applied Qualcomm ultrasonic sensors to the smartphones' screens, which was supposedly even more tamper-resistant than the optical sensors used by LG, Huawei and Xiaomi. It claimed fingerprints could even be recognized with wet hands, where optical recognition devices notoriously fail.
Experts said the problem could stem from a software error. Kim Soo-hyung at the Electronics and Telecommunications Research Institute said, "Ultrasound analyzes fingerprints three-dimensionally, which requires more data to be processed and makes the algorithm more complicated. Maybe there's a problem with the software processing the algorithm."
Others suggested that minute bumps on the surfaces of silicon screen protectors could cause the sensors to malfunction. Some screen protectors have patterns on their surfaces designed to prevent films of water forming when they get wet, and the phone may misinterpret them as fingerprint patterns. Samsung had tried to improve its fingerprint-recognition programs due to the increasing use of mobile payment functions. Google, which supplies the OS for Samsung smartphones, stopped providing facial recognition on Android 10 platforms, which should boost demand for fingerprint-recognition programs.
Samsung says it is looking into the problem and will update the software "soon."