tricking s10 fingerprint scanner

This is one of the most legitimate Mission Impossible things I’ve ever seen in real life. As much as I wish it was the ultra-realistic spy mask, this is all about fingerprints.

In-Screen Fingerprint Scanners

Samsung recently launched the Galaxy S10 series in the shape of an S10, S10 Plus and an S10e. The Galaxy S10 and Galaxy S10 Plus feature an unlocking system Samsung refers to as an Ultrasonic Fingerprint reader. The long and the short of this means Samsung was able to build a fingerprint reader into the screen of their latest flagship smartphones. Huawei achieved this last year with the Mate 20 Pro with an optical sensor which requires bright light to shine onto your finger. Ultrasonic, Samsung promised, would work better with wet fingers while remaining secure.

But an Imgur user has shown there’s a way around these fingerprint scanners.

Mission Possible: 3D Printing Fingerprints

Imgur user darkshark wanted to see if he could trick Samsung’s Ultrasonic Fingerprint reader on his new Galaxy S10 Plus. To be fair, he’s got access to some tech to make this a real Mission Impossible attempt, namely a 3D printer, but all in all the process he has documented was pretty simple.

Fingerprint on a glass captured using the Galaxy S10 Plus

First, he took a picture of his fingerprint on a glass using nothing more than his smartphone.

The fingerprint after some Photoshop work

Next, he brought the fingerprint into photo editing software to increased the contrast and make the fingerprint sharper.

From here, he was able to import his fingerprint into 3D printing software and made a few final tweaks before printing his fingerprint. The print took 13 minutes and this particular attempt was darkshark’s third attempt to fool his phone with the first two proving unsuccessful.

The printed fingerprint

Now with his fingerprint ready, all that was left was to test it all out and see if he could fool the Samsung fingerprint reader.

Just like that, it only bloody worked. I wondered if it might have been a trick using Bluetooth smart unlock but it all looks legit to me.

So What?

To be totally honest, this doesn’t come as a complete surprise. Smartphone security often comes under question. Fingerprint sensors are pretty secure, but at the same time they can be fooled. Front facing camera technology combined with 3D facial recognition is pretty secure, but some phones use quite simple facial recognition with standard cameras – not very secure at all.

You are most likely better off with a pin number and remaining conscious about who sees that number. Convenience is arguably the biggest threat to people’s security these days. Many use the same password because it’s easier to log in, but that comes at a security cost.

What did you think of that?