Samsung Galaxy S10 fingerprint sensor fooled by 3D printed fingerprint
While smartphone companies have been diligently implementing the best security measures in order to make their systems infallible, there are always fixes and hacks available to get past them. The massively alluring Galaxy S10 is no exception; a user was able to fool its fingerprint scanner with a 3D model of his fingerprint, and it only took him less than 15 minutes.
In his post on Imgur, user darkshark explained his successful attempt to get past the fingerprint scanner. Firstly, he captured a photo of his fingerprint on a wineglass and processed it on Photoshop. Then he proceeded to make a 3D model using the modeling software 3ds Max, which was printed to an accuracy of 10 microns; enough to capture the finest of ridges in a fingerprint.
It took him a total of three reprints before he finally got the ridge height right, and was able to fool the phone’s fingerprint sensor. What is impressive and concerning in equal measure is the fact that it took him just 13 minutes to get the whole thing done.
It is worth noting that the Galaxy S10 doesn’t rely on the traditional capacitive fingerprint scanner, and has instead opted for the more spoof-proof ultrasonic sensor. Of course, this merely makes darkshark’s achievement all the more impressive. According to him, this flaw is deeply concerning since payment and banking apps are increasingly adopting this system, and all one really needs to get past it is a photograph, some modeling software and access to a 3D printer.
Be it the use of a 3D printed fingerprint by the police to get into a murder victim’s phone in 2016 or the face mask deployed by a cybersecurity firm to successfully fool Apple’s FaceID system, security measures implemented in smartphones have been shown to be fallible time and again. This particular hack by darkshark further underscores why there is a need to change the way smartphone manufacturers think about security because our security and privacy are at stake here.
As he writes in his post, “This brings up a lot of ethics questions and concerns. There’s nothing stopping me from stealing your fingerprints without you ever knowing, then printing gloves with your fingerprints built into them and going and committing a crime.”