- The Ultrasonic Fingerprint scanner on the mobile phone could not tell apart an actual fingerprint from a 3D printed one.
- A Reddit user demonstrated unlocking the S10 with a 3D-printed glass with a photo of his fingerprint.
New smartphone features may be convenient for users to operate the devices securely, but not at all times. A proof of this is a recent, simple hack performed on the latest Samsung S10’s fingerprint scanner. Reddit user darkshark9 showed that a 3D-printed fingerprint model placed on the scanner could unlock the phone in a matter of seconds.
The in-display fingerprint scanner was introduced by Samsung this year on its S10 and S10+ devices.
- Reddit user darkshark9 used a photo of his fingerprint captured from his S10 phone and 3D-printed it. After many attempts, he successfully unlocked the phone with this 3D-print.
- He also detailed how he pulled off this feat with a photo editing software, 3D printing software and a 3D Printer.
- The fingerprint scanner clearly failed to detect that the fingerprint was not coming from a person.
- Samsung says that the scanner is based on ultrasonic technology instead of using an optical fingerprint sensor.
Why does Samsung use ultrasonic sensors - Samsung said that it preferred using the ultrasonic technology for its security edge over optical sensors. “Using ultrasonic fingerprint ID counteracts spoofing attempts using 2D replicas of a person’s fingerprint. Every ridge and notch of the user’s print is mapped in 3D. To enhance security further, we use a machine learning algorithm to help detect the differences between real fingerprints and forged 3D replicas,” Samsung mentions in their official page.
Despite the tall claims, the technology does not seem to be up to the mark in terms of security. darkshark9’s exploit is an example of how ultrasonic technology could be subverted despite its other advantages over earlier technologies. Samsung is yet to come out with a response to this issue in the S10 and S10+ devices.