Samsung Promises Fix For Smartphone Security Flaw

Samsung Galaxy smartphone

With a problem that stems from some silicone cases, Samsung explained a significant security flaw that could allow anyone’s fingerprint to unlock the Galaxy Note 10 and Galaxy S10 family of smartphones. The tech company also says a patch is coming out next week to address the problem, CNBC reported.

“This issue involved ultrasonic fingerprint sensors unlocking devices after recognizing 3-dimensional patterns appearing on certain silicone screen protecting cases as users’ fingerprints,” Samsung said, according to the outlet. “To prevent any further issues, we advise that Galaxy Note10/10+ and S10/S10+/S10 5G users who use such covers to remove the cover, delete all previous fingerprints and newly register their fingerprints.”

The company also advised, “If you currently use front screen protective covers, to ensure optimum fingerprint scanning, please refrain from using this cover until your device has been updated with a new software patch.” The news outlet wasn’t able to experience the problem on a demo Galaxy Note 10 device. However, CNBC noted that “it seems that it requires a silicone case that also protects the screen.”

The outlet made the test with a third-party screen protector as well as a clear plastic case for the screen. Even so, the tech company advises that front screen protective covers should not be used for now. The security issue is of particular concern, according to the outlet, as fingerprint sensors can enable payments via Samsung Pay — not just unlock Samsung phones.

The news comes after reports surfaced that one user had told a newspaper a flaw on her device allowed it to be unlocked regardless of the biometric information that the device had registered. Her husband could unlock her phone with his fingerprint despite the fact that his print wasn’t registered after she had purchased a third-party screen protector. It was also reported that KaKaoBank told consumers to halt their use of the Galaxy 10 fingerprint recognition function for logging onto its services until the security issue resolves.