Samsung uses ultrasound sensors for the two flagship smartphones Galaxy S10 and Galaxy S10 + (test). But even the safer advertised technology can be deceived, as a user on Imgur showed by photography and 3D printing. By his own account, he succeeded in a few minutes.
Even an ultrasonic sensor can be easily deceived
So far used in smartphones display fingerprint sensors use an optical sensor, more precisely, a camera that lights up through the display. This is the case, for example, with smartphones such as the OnePlus 6T (test) or Huawei Mate 20 Pro (test). In this year's new edition of its flagship three Samsung, however, inter alia, to a model of ultrasound working by Qualcomm. This has the advantage that the area of the display used for the sensor does not have to be illuminated in the detection phase. In addition, an ultrasonic fingerprint sensor works more reliably with wet fingers or backlighting. The security has been increased, according to Samsung.
Now, however, users are documenting “Dark Shark“On Imgur, how he successfully simulated his own fingerprint and fooled the ultrasound sensor. Necessary for this was a 3D printer, which he fed with a previously processed photograph of his fingerprint on a glass. For the template, in turn, only the smartphone itself and an image editing program were required, with the help of which he reinforced the contrasts. With a modeling software, he then helped the template to the third dimension. Already on the third attempt, the experiment was successful, the first attempt was only failed because he had not mirrored the template.
Passwords are still safer
With his contribution “Dark Shark“Also show how simply allegedly safe protective measures can be remedied. If the perpetrator has the right equipment, certainly also recordings from a greater distance are possible, so his assessment. Presumably, your own fingerprints anyway directly on the protected smartphone available; Potential thieves would have a direct key and lock in their hands. Above all, more critical data such as bank information should always be password protected, the user warns. In the comments he adds, having distorted his own fingerprints on the images shown.