When the Samsung Galaxy S10 was first launched, there was plenty of hype about its all-new ‘in-display’ fingerprint scanner. The excitement stemmed not only from the convenience of the scanner being built into the screen but also from the fact that the ultrasonic fingerprint sensor was said to be more secure.
But a security researcher has now demonstrated how the fingerprint scanner can be hacked by a 3D-printed copy, shattering the illusion of security for most Samsung Galaxy S10 owners.
Samsung Galaxy S10 fingerprint scanner
Unlike a traditional fingerprint scanner, the ultrasonic scanner in the Galaxy S10 captures a 3D image, rather than a 2D one. It uses high-frequency ultrasonic sound waves to map a fingerprint in full detail, creating a unique 3D map. Thus, it’s much more secure. So what went wrong and how was the scanner hacked?
How it was hacked
Well, the scanner did do its job perfectly. The actual hack involved lifting of the actual fingerprint and creating a 3D replica of it.
The security researcher used a photograph of his fingerprint and used Photoshop to create a mask. Then, using 3ds Max software, the researcher created a detailed 3D model of the fingerprint. From here, it was as easy as printing the model using a 3D Printer. The entire processes took him only 20 minutes!
What you should do now
There isn’t much to do, really. The truth is that no biometric recognition system is completely unhackable, not even Face ID. Anyone with the right tools and approach can find a way into your gadgets. If someone steals your phone, for example, your fingerprints would already be on it for them to use this hack. But all that is theoretical and for the average person, there’s not really a lot to worry about. Because the person who steals your phone would not only need the technical skills to work the hack, but also be in possession of a 3D printer. Sure, a PIN or password would be more secure than biometrics, but that is the trade-off between security and convenience.