Samsung really talked up the ultrasonic fingerprint scanner on the Galaxy S10 when it launched. It was supposed to be faster and more secure than other methods. We knew the first part wasn't true soon after launch, but we only found out how easy it was to fool the sensor a few days ago. Cheap screen protectors could allow any fingerprint to unlock the S10 and Note 10 phones, but Samsung promised a quick update. Samsung has now pushed notifications to phones promising the OTA will start in about 24 hours.
According to the notice, which you can see below, the flaw affects the Galaxy S10, S10+, Note 10, and Note 10+. Basically, all Samsung's 2019 phones with ultrasonic fingerprint scanners. The issue lies in the way the phone registers and improves fingerprint recognition. Some screen protectors have a texture or pattern on the underside that might look like a fingerprint to the scanner. So, registering with that screen protector installed means the phone is actually learning the screen protector's pattern as part of your fingerprint. Since the phone also improves fingerprint recognition with use, adding the screen protector later can cause the same problem.
Samsung recommends everyone with fingerprints registered should remove third-party screen protectors from the phone immediately. Once the biometric update hits phones, you'll want to re-register your fingerprints, and the new algorithms should prevent screen protector patterns from contaminating biometric data going forward. Samsung says that only devices with fingerprint unlock activated will get the update, which is not a full system OTA. Just keep an eye out for the notification.
Right on schedule, Samsung's update has been making its way to user devices. We've received reports of the software hitting US carriers, where it's available as a 7MB download.
- Zachary Kew-Denniss,