Samsung Galaxy S10 fingerprint sensor reported hacked on Reddit
The Samsung Galaxy S10 and S10+ were released with a new kind of fingerprint sensor built into the devices' screens. They were regarded as more robust and secure compared to their counterparts of yesteryear. Those under-display sensors were mostly optical modules that used light to read and record 2D models of the fingerprint used to unlock phones such as the OnePlus 6T.
The Galaxy S10 line, on the other hand, contain ultrasonic fingerprint sensors that have been found to be harder to circumvent in at least one test in which mock prints were made using glues. However, a Redditor with the username darkshark claims to have found a more effective - and more high-tech - method of hacking this form of S10 biometrics.
The Redditor claimed to have used a 3D model of their own fingerprint to unlock a Galaxy S10. This fake print was made using an AnyCubic Photon LCD resin printer to print out an impression of the print in question. It was exported from 3ds Mark, a program allegedly used to make a 3D geometric displacement of an original photo of the print edited in PhotoShop to highlight its ridges. This, apparently, was enough to fool the S10's sensor with the resulting model.
This seems a worrying indication of how easily smartphone biometrics can be circumvented. In addition, the Reddit user asserted that the copied fingerprint was reproduced as a result of simply taking a picture of a wineglass, and that this information could also be captured more remotely using a DSLR with an appropriate lens. On the other hand - should this entire story be true - it would need to be a remarkably clear, complete image of the entire fingerprint in question for this method to work.
Finally, people wishing to keep particularly sensitive data on their phone could also avail of other measures such as passwords, patterns or PINs in the case of such a security breach.