Samsung is already working hard on a potentially revolutionary Galaxy S11 (and a lot has leaked already), but the company now faces a big problem in the here and now. And millions of Galaxy S10 and Galaxy Note 10 users need to know about it.
Picked up by the always-excellent BleepingComputer, a huge security hole has been discovered in the Galaxy S10 fingerprint sensor. Thanks to a chance event, it has been discovered that you can bypass the phone’s cutting-edge ultrasonic in-display fingerprint reader with nothing more than a cheap silicone phone case.
The wraparound case in question cost just £2.70 ($3.44) and covers both the back and front of the phone which was found to confuse the ultrasonic sensor. Worryingly, the result is the sensor then accepts any fingerprint offered to it. Moreover, the fingerprint security works throughout the phone allowing access to stored credit banks and banking apps.
And this isn’t a one-off occurrence. Testing the case on other Galaxy S10 phones found the same results. Furthermore, the newly launched Galaxy Note 10 range uses the same ultrasonic fingerprint reader as the S10, making it similarly vulnerable.
The exploit was recorded on video by The Sun, with Samsung customer service concluding it appears to be a security breach. Samsung has subsequently issued an official statement confirming that “We’re investigating this internally. We recommend all customers to use Samsung authorised accessories, specifically designed for Samsung products.”
Needless to say, criminals looking to access stolen Galaxy S10 and Note 10 phones know exactly what to buy.
Interestingly, up until this point, the Galaxy ranges’ ultrasonic fingerprint sensor has been one of the most secure in-display readers available with only extreme high tech workarounds found. Whether or not Samsung can patch this flaw with software remains to be seen but, if not, the company has a real problem on its hands.
All of which suggests that Samsung’s decision to step away from facial recognition security was badly timed. After all, the Galaxy S11 may be touted as having a groundbreaking camera, upgraded design, major performance increases, next-gen memory, a supersized fingerprint sensor and AI-focused image processing and potentially revolutionary new battery tech. But if its security is still defeated by a $3 silicon case then customers will be buying iPhones and the new Pixel 4 instead.