• Nandan V

Samsung Galaxy S10 security breach - why it's not what you think

Videos have surfaced online where the latest flagship from Samsung, the Galaxy S10 is unlocked using the under-glass fingerprint sensor when an unregistered finger is used. This does sound very serious. Adding injury to hurt, the breach affects all of Samsung's devices using the ultrasonic fingerprint sensor, this includes the S10+, S10 5G and Note 10 among others.

The Breach

The breach is present only if the device uses a gel-like screen protector. The reason this exists is not to exploit a vulnerability, it's due to an inherent limitation of the technology used.

Ultrasound fingerprint sensor technology. Source: Qualcomm

Ultrasound waves are produced which ideally reflect from the indentations in your finger and the reflections are used to identify whether the fingerprint is registered or not and thus deciding the unlock process. The traditional glass screen protectors reflect the ultrasound waves before impacting your finger and thus hindering the use of such an effective technology, which you certainly paid for.

To bypass this effect, screen protectors made from film or gel are available in the market which costs just about $3. These protectors kind of maintain the depressions caused by pressing the finger which was used to unlock the phone. Therefore further unlocking attempts just scan the existing depressions and not the user's finger.

Why just Samsung?

You're right, it does not affect just Samsung, but all devices using this technology. However, Samsung is the only user of this technology as of now.

What should I do?

It's easy, get rid of these gel/film screen protectors and instead opt for those made from glass. Assuming you can live without the fingerprint sensor. The alternative is to not use a screen protector. Whichever suits you best.


©2019 by iReview. Proudly created with Wix.com