Updated Oct. 24, 2019: Samsung promised it would have a fix to this issue soon and it followed through. It just rolled out a software update that is supposed to fix the issue with Galaxy S10 phones that allowed anyone to bypass the device’s fingerprint reader with a simple scan. If you have one of these devices make sure your software is updated ASAP.
Smartphones contain so much of our personal data that securing them should be a priority. That’s why developers bundle their devices with biometric security features like FaceID and fingerprint readers, which help keep them safe from prying eyes and scheming hackers.
But even the toughest security measures can fail, and a newly discovered glitch in a popular smartphone brand is starting to make users nervous.
Security flaws on smartphones can put your privacy and security at risk. Click or tap here to see how one zero-day exploit threatens millions of Android phones. If you use this popular biometric security feature, here’s why this glitch can let anyone into your phone, and what you can do to prevent it.
The new Samsung Galaxy S10 and Note 10’s fingerprint reader will let anyone in.
According to reports from the BBC, a newly discovered security flaw in Samsung’s Galaxy S10 and Note 10 smartphones allows anyone to bypass the device’s fingerprint reader with a simple scan.
Normally, if your fingerprint isn’t registered, the phone will reject your attempt to unlock it. With this exploit, the phone scans and allows anyone to unlock the phone, even if their print isn’t registered — completely defeating the point of the reader in the first place.
The flaw was discovered by a British woman who claimed her husband was able to unlock the device after it was placed in a cheap smartphone case. She was able to repeat the issue on another family member’s phone when a screen protector was applied to it. This led her to suspect the issue and the use of screen covers were related.
Samsung has acknowledged the issue. The company states a software fix is on the way and encourages users to switch to a passcode lock for their phones in the meantime.
How can I protect my phone from this exploit?
As Samsung says, setting a passcode lock and disabling the fingerprint reader is the smartest way to secure your phone until the patch arrives.
To set up a code, open the Settings menu and select Lock screen and security. Tap Screen lock type and select PIN. Make sure Fingerprint is toggled off under Biometrics on this page to continue.
Additionally, it might be worth avoiding screen protectors until the fix is released since they seem to be central to the reader’s malfunction. The fingerprint sensor is embedded in the display, so it makes sense a screen cover could interfere with its ability to read.
This episode underscores the importance of security measures for the privacy of our devices. When biometrics fail, it’s up to us to take charge of our privacy and take alternative measures to secure our data. Otherwise, we’re no better off than having “12345” as our passwords. Click or tap to see some of the other most dangerous passwords to have on your device.