After years of delays, Samsung finally jumped aboard the fingerprint-on-display (FoD) train but it may be costing users more than they’re willing to pay. Thanks to its new “Infinity-O” punch hole display, it has made face recognition practically useless as a security feature. Now there is at least one experiment that tries to prove how its ultrasonic fingerprint sensor is actually less secure than regular optical ones.
Unlike the optical fingerprint sensors use in both in-screen and regular external scanners, the Galaxy S10 uses Qualcomm’s ultrasonic fingerprint scanner that uses sound to map and identify the unique ridges of a person’s fingerprint. In addition to being usable with moist or wet fingers, it is also supposedly harder to fool.
One experiment, however, begs to differ. A certain darkshark simply took a photo of his own fingerprint left on the side of a wine glass, enhanced it in Photoshop, used 3ds Max to create a 3D model, and then 3D printed it on an AnyCubic Photon LCD resin printer. The entire process only took minutes and he was able to reliably unlock his phone with the fake fingerprint.
Of course, you’d have to get access to someone’s phone to be able to do anything but darkshark’s point is that most phones these days also come with the user’s fingerprints already. No need to con the user into giving a sample or, worse, use a “detached” finger.
darkshark also raises the question of how such biometrics are being used not just for unlocking phones but also for secure transactions with banks. With both face recognition and, now, fingerprint scanner shown to be easily fooled, Galaxy S10 users might want to use a PIN instead. Of course, that comes with its own flaws.