Samsung smartphone users have been urged to remove protective covers and update their saved fingerprints after a “malfunction” allowed anyone to unlock the devices.
It was revealed last week that the Samsung Galaxy S10 could be unlocked by anyone if there was a screen protector or some kind of transparent plastic between a finger and the sensor. This then allowed anyone to unlock the device using fingerprint recognition, even when their fingerprint wasn't saved on the phone.
This would give the person access to the phone owner’s messages, photographs contacts and payment applications, along with credit card information.
The fault was initially reported by The Sun, which revealed that a British woman had discovered she was able to unlock her husband’s phone after using a $5 screen protector bought from eBay.
The woman reported the issue to Samsung, which admitted it appeared to “look like a security breach”.
“We’re investigating this internally,” Samsung said in a statement. “We recommend all customers use Samsung authorised accessories, specifically designed for Samsung products.”
But the story continued to pick up steam, with a number of Samsung users showing publicly that applying the plastic screen protector enabled anyone to unlock their phones.
One of the videos showed a 2019 Samsung phone being unable to be unlocked with an unsaved fingerprint, with the system working as it should.
But when a clear silicone phone case is put on the phone, the video shows that the same finger could then be used to unlock the phone.
Another video showed the same process working to unlock a Galaxy Note10 device.
In a new statement issued this week, Samsung indicated that the problem was more widespread than initially thought, warning all Galaxy Note 10 and 10+, and S10, S10+ and S10 5G users to remove silicone screen protecting cases, delete all previous fingerprints and register new fingerprints.
In Australia, these premium phones cost $1,499 for the Galaxy Note 10, $1,699 for the Galaxy Note 10+ and $1,999 for the Galaxy Note 10+ 5G.
“If you currently use front screen protective covers, to ensure optimum fingerprint scanning, please refrain from using this cover until your device has been updated with a new software patch,” Samsung said in a statement.
“A software update is planned to be released as early as next week, and once updated, please be sure to scan your fingerprint in its entirety, so that all portions of your fingerprint including the centre and corners have been fully scanned.”
Samsung said that the issue involves the phones’ ultrasonic fingerprint sensors unlocking devices after recognising “three-dimensional patterns appearing on certain silicone screen protecting cases as users’ fingerprints”.
Samsung is one of the few smartphone providers that doesn’t use an optical reader, instead utilising Qualcomm’s ultrasonic fingerprint reader technology. This has led to some issues though, with the small gap between the protector and the screen resulting in some recognition challenges.
The use of a silicone screen protector seems to have resulted in the phone user’s fingerprint being captured within the case. As a result, when someone else attempts to unlock the phone, the phone interprets the pressure applied as the correct fingerprint.