3aIT Blog

Person using mobileEarlier this month, a Samsung Galaxy S10 phone user discovered that her husband was able to unlock her phone using the fingerprint scanner. Naturally, she was somewhat surprised and alarmed by this discovery.

It transpired that, in fact, any fingerprint could be used to unlock the phone, basically rendering the locking system useless. Upon investigation, Samsung's engineers tracked down the issue to the use of a non-Samsung based screen protector. It appeared this created a small air gap that interfered with the fingerprint scanner. This isn't to suggest the user had done anything wrong here. Indeed, Samsung's software team are currently working on a patch to fix this issue.

However, with this issue still ongoing, some banks have decided to pull their apps from these phones until the problem is resolved. Naturally, if anyone can gain access to these phones, then any banking app would be a prime target for a would-be bad actor. Both Natwest and RBS are known to have withdrawn their apps.

In general, the advice for owners of these popular handsets is to stick to Samsung authorised accessories for now. Additionally, it would be sensible to use a method other than a fingerprint scan to unlock the phone until the patch is released. At the time of writing, the patch has already been sent to phones in South Korea. Assuming this rollout proceeds without issues, it will likely be applied to devices worldwide as the week progresses.