Samsung Galaxy S10 Fingerprint Scanner Tricked with 3D Print
The new Samsung Galaxy S10 biometrics feature can be deceived in as little as 15 minutes. A video uploaded on Imgur has revealed how the certified FIDO Alliance Ultrasonic Fingerprint Scanner can be bypassed by a $450 3D printer. The user, Darkshark9, demonstrated this by taking a picture of his fingerprint on a wine glass and printing the image in resin. Prints can also be lifted off a phone’s screen and then imposed onto a glass item, producing similar results. Biometrics have recently been proven hackable by others. One demonstration displayed how face recognition could be bypassed by a good photo of the owner. Another example was a voicemail recording used to bypass voice recognition. Once a threat actor has bypassed the security measures, they could potentially gain access to personal identifiable information (PII) and bank accounts that also implement biometric security features. The Galaxy S10 also has a built-in crypto wallet, which could likewise be compromised with biometric deception. The concern is the ease of which physical identifiers can be bypassed. “The hope is now that Samsung is made aware of this flaw and adds additional security measures such as two-factor authentication,” stated Darkshark9. At the time of this writing, Samsung is continuing to provide updates to make further improvements. The NJCCIC recommends users to enable or continue using multi-factor authentication (MFA) and install updates as they become available. For more information please see Coin Rivet’s article.