Prepare for at least another 26 hours of rolling power cuts, South Africa. Stage 2 load shedding will continue until 11pm on Monday, Eskom…
There hasn’t been much good news about the Samsung Galaxy S10 and its authentication methods recently. Earlier this year, its facial unlock system was found to be as secure as a paper padlock. But now, it seems that its underscreen ultrasonic fingerprint sensor has also come under scrutiny.
His method reads like something out of a spy novel.
“First I simply took a photograph of my fingerprint on the side of a wine glass. I used my smartphone to take this picture, but it’s certainly not out of the question to use a long focal length DSLR camera to snag a fingerprint image from across a room…or further,” he wrote in an Imgur album.
He then adjusted the image in Photoshop to improve contrast, created an alpha mask and then pulled the height and depth details in 3DS Max.
“I popped that model into the 3D printing software and began to print it. Printed perfectly. Print time was only around 13 minutes,” he chuffed.
u/darkshark9 explains that while it took him a few tries to get it right, the 3D fingerprint now unlocks his device “just as well as my actual finger does.”
The spoof will only function with the Samsung Galaxy S10 5G, Samsung Galaxy S10 Plus, and Samsung Galaxy S10 — the three devices with underscreen ultrasonic fingerprint readers. The S10e — Samsung’s smallest device in the range — has a traditional surface-mounted fingerprint reader on its side.
Of course, this process probably won’t be used by all common phone criminals due to the sheer amount of effort and patience required, but it does prove that the fingerprint reader — in its current implementation on smartphones — is not as secure as we’d all like to believe.
The S10’s scanner has also been put under more practical stress earlier this year, courtesy of JerryRigEverything. The scanner only ceased to function after deep scratches were gouged out of the phone’s glass.
Samsung, although not yet commenting on u/darkshark9’s ingenuity, had in March pledged to fix the performance issues related to its ultrasonic fingerprint reader.
Feature image: supplied, Samsung