Samsung releases a patch for the Galaxy S10 and Note10, both of which had flaws in the fingerprint reader that were exposed last week. Phone fingerprint sensors will unlock at a glance for everyone simply by placing a transparent silicone phone case on the sensor. Samsung does not appear to have any official communication that the patch is available, but reports have emerged from Reuters and Reddit that the patch is there.
After breaking the news last week, Samsung acknowledged some ] problems with the Galaxy Note10 and S10's fingerprints in a press release, saying: "This problem involved unlocking devices with ultrasonic sensors for fingerprints after recognizing three-dimensional patterns appearing on a specific silicone screen, protecting cases like consumer fingerprints. Samsung went on to say, "We advise users of the Galaxy Note10 / 10 + and S10 / S10 + / S10 5G who use such covers to remove the cover, delete all previous fingerprints and register their fingerprints recently."
Samsung's statement last week and the patch release notes do not correctly describe the problem with fingerprints people are experiencing. This makes us wonder if the flaw in fingerprints is indeed fixed.
Patch notes list "Problem Message" as "If you used a screen cover, such as a silicone cover with a textured surface on the inside, the texture itself can be recognized as a fingerprint that can unlock your phone. "Samsung seems to think that you can register a piece of silicon as a fingerprint and then unlock the phone with it, but this is not an accurate description of what is shown in numerous videos online. Even devices without screen protectors demonstrate security issues.
The problem is that placing certain transparent objects on the fingerprint reader will allow everyone to penetrate the latest generation of Samsung. Sometimes this is a clear screen protector, a n sometimes it's a clear case of the phone. Sometimes it's an arbitrary piece of transparent plastic. The phone doesn't learn and remembers a textured piece of silicon as a fingerprint – it unlocks with a piece of silicon it has never seen before. For whatever reason, if intervene a little for the Galaxy S10 or Note10 fingerprint reader, it will obviously give up and unlock the phone. One of the best examples is the video above: it shows someone registering multiple fingerprints on a Galaxy Note10 bare screen, who then recognizes each finger (even unregistered fingers) as a "left index" anytime between a finger and a fingerprint a transparent film is inserted
Displaying this on the fingerprint setup screen gives us a better idea of what is going on. But if it were the lock screen, the phone would unlock every time, potentially for an unauthorized user.
Because Samsung is so vague about the problems that have been presented, we cannot say whether the problem is actually fixed. We'll have to wait for the patch to unfold and more tests to know for sure.
Leaf image by Ron Amadeo