Because of the way in which the phone recognizes fingerprints, any case or screen protector that covers the screen could be a security risk. Anyone with a clear case or screen protector on their Galaxy S10 should not be using fingerprint unlock. A South Korean bank has even recommended that all of its clients stop using the fingerprint sign-in option until the issue is resolved.
What does this mean for business users?
If you use your phone for any business purposes, this is a huge risk for your data. The current recommendations for data security include encryption on your phone and a locking screen. The best thing to do if you have a Galaxy S10 is to use an alternate unlock method. Methods such as a PIN or pattern unlock remain secure. This is particularly important if you work in a regulated industry, such as medicine or law.
Samsung has a history of security blunders.
This is far from the first time Samsung security has been called into question. In 2017, the Galaxy S8 facial recognition feature was hacked with a photo. The vulnerability, one which had been common to all facial recognition, was solved by other companies more than 5 years earlier.
Though the previous security exploits were problematic, they needed planning. You can’t fake a fingerprint or print a photo of a person unless you know them. This exploit is far simpler and more serious. Almost everyone keeps a screen protector or case on their phone to prevent damage.
If keeping a screen protector on your Galaxy S10 is all that it takes to let anyone unlock it with their finger, no one’s phone is secure. Samsung needs to address this vulnerability as soon as possible. This sort of issue could kill enthusiasm for the phone.
Though Samsung says a software patch is on the way, a timeline has not been given.
If you have any questions about data security, contact Problem 86. We would love to help!