In a nutshell: Samsung has admitted that the Galaxy S10’s fingerprint reader has a bug that can allow anyone to unlock the device, even if their biometric data isn’t registered on the phone. The company said it is working on a software fix for the problem, which will be rolled out soon.
The issue came to light when an S10 owner in the UK bought a third-party screen protector for the device from eBay for £2.70 (around $3.50). After attaching the protector, it was discovered that the woman could unlock the phone with her unregistered left thumb. She then asked her husband, who was unregistered, to try. He was also able to unlock the device.
In a statement to Reuters, the company said: "Samsung Electronics is aware of the case of the S10's malfunctioning fingerprint recognition and will soon issue a software patch."
In a notice on its customer support app, Samsung wrote that the issue could happen when patterns of some protectors that come with silicone phone cases are recognized along with fingerprints. It recommends that buyers use approved protective devices, specifically designed for Samsung products.
KaKao Bank, an online-only banking service in South Korea, believes the situation is so serious that it has told customers to turn off the fingerprint recognition option for logging into their accounts until the problem is patched.
This isn’t the first time the Galaxy S10’s fingerprint scanner has come under scrutiny. Back in April, it was shown how a 3D-printed fingerprint was able to fool the ultrasonic sensor, which detects fingerprint ridges. It involved taking a photo of a fingerprint on the side of a wineglass, adjusting the image on Photoshop, then creating a 3D-printed model.