Galaxy S10’s ultrasonic fingerprint sensor fooled by a 3D-printed fingerprint
The Galaxy S10 and S10+ both feature an under-display ultrasonic fingerprint sensor, which, Samsung claims, is more secure and accurate than other similar technologies on the market. However, it still may not be secure enough to trust for everything. Imgur user darkshark has just proved that.
3D-printed fingerprint fools Galaxy S10
In a detailed post on Imgur, darshark has shown that the Galaxy S10’s under-display ultrasonic fingerprint sensor can be easily fooled by a 3D-printed fingerprint. While his method doesn’t read any less than something out of a spy novel, the fact that he could easily fool a technology touted to be ultra secure is something to be worried about.
According to darkshark, he took a photograph of his fingerprint on a wine glass using his smartphone. He then used Photoshop to increase the contrast of the image, created an alpha mask, and then pulled the height and depth details in 3DS Max. Then using an AnyCubic Photon LCD resin printer, he printed a 3D image of his fingerprint and used it to fool the Galaxy S10’s under-display ultrasonic fingerprint sensor.
Darkshark noted that it took him three reprints to get the things right. But once done, the 3D print could unlock the phone as smoothly as his actual finger does. He further said that one can produce better results using a DSLR camera. One can also use a telephoto lens to steal one’s fingerprint from across the room, or even further. This raises some serious questions about the safety and privacy of users.
Both Qualcomm and Samsung have been advertising the Galaxy S10’s ultrasonic fingerprint sensor as the next level of security. However, darshark just proved that fingerprint sensors, in their current implementation on smartphones, are not as safe as we would like them to be.
- Model: SM-G973F
- Dimensions: 70.4 x 149.9 x 7.8mm
- Display: 6.1"(157.5mm) Super AMOLED
- CPU: Exynos 9820 Octa
- Camera: 12 MP.CMOS F2.4 45° Telephoto & 12MP F1.5 77° & 16MP F2.2 123° Ultra-wide
- Model: SM-G975F
- Dimensions: 74.1 x 157.6 x 7.8mm
- Display: 6.4"(162.5mm) Super AMOLED
- CPU: Exynos 9820 Octa
- Camera: 12 MP.CMOS F2.4 45° Telephoto & 12MP F1.5/F2.4 77° & 16MP F2.2 123° Ultra-wide
33 Comments
Sign in »33
Leave a Reply
I think the statement “easily fooled this technology” is an overstatement. Did anyone read what he had to go through to fool it? Totally impractical, so in a real world situation nobody is going to do it, unless it’s the CIA or someone. All technology of this type can be fooled. People have used rubber fingerprints to bypass internal airport and government facilities security systems. Unfortunately the most secure system of all, the iris scanner, has been removed. Even twins or lookalikes that can fool Apples Face ID, could not fool Samsungs iris scanner. It’s a pity it’s gone.
People will be drinking wine glasses with gloves after this one.
I will suggest for samsung to focus on fixing poor efficiency of S10 fingerprint sensor.
For real , I don’t understand that bored peoples , they ain’t got anything to do in there life?
Samsung new ultra sonic sensor, way better then the popular optical one , and more secure,
For hacking it. Not every random person got a 3d printer and be like ” hey mate can I have your finger” this article literary make me face palm , no finger print sensor is 100% secure, but with the latest update for fingerprint scanner scanner , Samsung made it more difficult.
Next up: Apple’s Face ID EASILY fooled by recreating a biological replica of a person’s face using a road speed camera photo of the user driving the car then enhanced using NASA supercomputers. Seriously? No security measure is impenetrable.
I would like it better if Face ID could be fooled with an AR emoji.
So you go to someone and say, “I want to make a 3D copy of your fingerprint so I can get into your phone”. And the person say, “sure, I would love you to steal all of my valuable information”.
That’s what I been speaking about, totally agree
jeez, when phones will use your dna to unlock and you will trick them by clonning person and using his dna you`ll also say “its so easy to fool dna scaner i just had to clone myself in lab”. ITS 3D COPY OF YOUR FINGER WHAT WERE YOU EXPECTING? That phone will check your pressure, temperature and heart rate? it was made for convinience so you dont have to press on screen 4 times to type your password.
Iris scanner seems to be a better option than a in-display finger scanner, unless they fix the flaws & implement it to the next-gen finger scanner.
“One can also use a telephoto lens to steal one’s fingerprint from across the room”
Nice joke.
In vain the samsung abandoned the iris scanner. I hope that they will return in future flagships
Iris can be fooled to with photo.
It can’t.
It can “According to research published today, it took a CCC researcher less than two months to breake the latter. Named Jan “Starbug” Krissler, this CCC researcher realized that by taking a photo of a phone owner’s face, an attacker with physical access to the device would be able to unlock the phone just by printing the photo on paper and flashing it in front of the phone’s front camera. But there’s a trick to the attack. Modern iris scanners (and facial recognition systems) are programmed to use image depth in order to distinguish between (2D) photos and a human’s… Read more »
” he took a photograph of his fingerprint on a wine glass using his smartphone. He then used Photoshop to increase the contrast of the image, created an alpha mask, and then pulled the height and depth details in 3DS Max. Then using an AnyCubic Photon LCD resin printer, he printed a 3D image of his fingerprint and used it to fool the Galaxy S10’s under-display ultrasonic fingerprint sensor. Darkshark noted that it took him three reprints to get the things right.” EASILY fooled, you say?! 😂😂😂😂 You guys best keep your phones and fingerprints away from anyone with a… Read more »
Exactly. Easily fooled was not an accurate description. I said the same in the first comment here but AGAIN, my post was deleted AFTER appearing. What’s the problem with Sammobile writers?
Bring back the iris scanner. Improve the face unlock like what iPhone has to offer. Also, i would like to see the improvement on the front camera. Feels like the filter is automatic when there are imperfections on the face of the subject.
I would like to see how he unlocks that phone with his own finger first and then with printed one, while only one fingerprint is registered in the phone.
What is to say he didn’t set it up with one of those printed scans as a fingerprint for “clicks”…………does the video show or prove that he didn’t?
So first the face ID being easier to fool than in any previous Samsung phones from the S8 to Note 9. Now this. So many compromises to achieve the “perfect” bezeless phone through the “awesome” and “futuristic” punch hole and pill shaped cutout, ah!! This is a first generation of ultrasonic indisplay fingerprint reader (IFR) so not surprisingly it still has teething issues. Therefore Samsung should have at least kept the top thin bezel with the iris scanner and/or the capacitive fingerprint scanner either on the side or at the back together with IFR just in case until the tech… Read more »
This same approach will defeat capacitive scanners if they use a conductive resin……………..none of these tech’s will stop someone with know-how and equipment. Hard to beat a good old password.
I know even the 3D face ID scanner on the iPhone can be cracked but it’s the ease with one can be cracked over the other. Capacitive and iris scanner seem to be more difficult to crack as of now.
hard to beat the good old password? and if someone see you put it in? it’s the same, they only have to be patient.
The face ID isnt easier to fool, its exactly the same. Who gave you that information ?
The iris scanner is the most useless way of unlocking a phone (aligning your eyes just perfectly on that perfect angle… who has time for that ?) Capacitive fingerprint scanners have peaked, they cant get any more faster, so no they were right to opt for the ultrasonic sensor since its doesnt require an extra cutout on the phone, more secure, and has the potential to get way faster than the capacitive one.
I haven’t said that the face ID (if you are talking about the one on iPhones) can be easily fooled because it’s not just that it can be fooled and there already a couple of proofs you can Google or YouTube.
And though you might be right about the ultrasonic indisplay fingerprint right now it doesn’t seem to be matured and therefore that secured. Maybe in a year or 2.
Biometrical systems will probably never beat good passwords – it’s a thing of convenience vs security. People can also much easier force you to open biometrical security than telling a password.
These systems are “good enough” for casual users and much better than no password at all or unlock patterns, but if someone really cares about the data on it..stick to a password.
My main point is though……………if someone wants into your phone…………you are not going to stop them. That is all you need to remember
To be fair……..if you have access to this equipment and resources, you could also 3d print an exact clone of someones face etc couldn’t you?……………so all biometrics start to fall apart bringing us full circle to the retina scanner option perhaps being the most secure?
I am a bit meh as to be honest, nobody wants or cares about my data and if they nick my device, it will be locked before they can say “ebay” so face lock it is.
3d printers are quite common and “cheap” nowdays, and that doesn’t help. Dunno about all that steps backwards security – Iris scanners abandoned, secured fingerprint physical scanners – abandoned. Replaced by totally unsecured face recognitions that was ABANDONED for years till this recent return and ofc those fingerprint sensors under the screens that are not secured and slow + high fail rate to scan your finger. This thing is actually quite easy scenario (from the article). You can literally use the new huawei p30 x5 optical zoom (or other phones or dslr (and some have absurd optical zoom levels, etc)… Read more »
That’s my point though……………..if your data is worth that effort…………….you are using the wrong device and security methods.
And I appreciate that it seems easy………….but it’s not really. This guy is not some noob. He knew exactly what he was doing to achieve this.
Any (ANY) phone is more secure with a password or pattern instead. This is all just about weighing up convenience and security.
To the average Joe………..this fingerprint scanner is just fine.
lol. passwords or any pattern can easily be hacked actually if someone knows how to do it. that’s all. all methods can be hacked actually. no exemption. but i think the most biometrics that’s very hard to fool is the iris scanner coz you need to have a nice shot of his iris before you can 3d print his iris.
And to obtain a fingerprint you just have to follow someone through his entire day hoping that he/she will have enough greasy fingers & you will get the right fingerprint to get a photo shot that could be processed via method described above ^^ In fact the “old-fashioned” – pin/passcode, password & pattern – methods are the easiest method of locking device, because most of the people uses extremely trivial password or pin/pattern combinations. More tech savvy user have more complicated, but alas they can be cracked to its just matter of time and willingness of a thief. Some people… Read more »