29 Nov 2019

Using Galaxy S10 or Note10? Be Sure to Install the Biometric Update

Wams, Inc.Articles  

The Galaxy S10, S10+, S10 5G, Note10, and Note10+ smartphones have a flaw that allows any fingerprint to unlock the devices when certain screen protectors are used. Learn why this problem is occurring and how to fix it.

The Galaxy S10, S10+, S10 5G, Note10, and Note10+ smartphones have a flaw that allows any fingerprint to unlock the devices when certain screen protectors are used. While concerns about using screen protectors with these devices have been raised in the past, the problem took center stage when The Sun published an article about a Galaxy S10 user who found that anyone could unlock her phone after she put a gel screen protector on it.

Even worse, since the same biometric authentication system is used to log in to online service accounts, this flaw could potentially allow unauthorized individuals to access financial service accounts. This threat prompted several banks to temporarily suspend their mobile banking services for Galaxy S10 and Note10 users.

In a public statement, Samsung confirmed this problem exists and promised to deliver a patch to fix it. The company also issued an apology and again promised a patch in a message sent to customers through Samsung Members, its customer support app.

The Problem

The root of the problem lies in the technology being used for fingerprint authentication. The Galaxy S10, S10+, S10 5G, Note10, and Note10+ phones have a new type of fingerprint sensor. (The Galaxy S10e does not use this new sensor.) Instead of using a capacitive fingerprint reader on the side or back of the device, they use an ultrasonic fingerprint reader that is located underneath the display screen. The ultrasonic sensor uses sound pressure waves to read a finger’s 3D surface area.

Certain types of screen protectors can interfere with the ultrasonic fingerprint reader’s sound pressure waves. Plastic screen protectors typically do not pose a problem. However, the same cannot be said for tempered-glass and silicon (aka gel) screen protectors, which can leave a small air gap that interferes with the scanning. In addition, some silicon protectors have a textured surface on the inside that might be erroneously recognized as a fingerprint.

The Solution

Samsung has kept its promise and has rolled out a patch to fix the problem. Called the Biometric Update, it installs version 2.0.24.20 of the Fingerprint firmware. Affected users will receive a notice to install this patch.

Once the update is installed, users will need to restart their devices. In addition, if they scanned and registered their fingerprints when a screen protector was in place, they should delete the fingerprints and register them again without a screen protector on their device. Samsung also recommends that people avoid using screen protectors, especially if they have a textured surface on the inside. If users do not want to follow this recommendation, they should at least get one that is certified by the company.

Since the Biometric Update is a staged rollout, it might take a while to reach everyone, especially if cellular carriers test it first. While waiting for the patch, Samsung recommends that Galaxy S10 and Note10 users take some precautions. They should remove their screen protectors, delete their registered fingerprints, rescan and re-register their fingerprints, and refrain from putting the screen protectors back on.