When Apple unveiled Face ID in the iPhone X in late 2017, industry experts said the company’s face identification technology was so advanced, it would take Android manufactures two years to catch up with the Cupertino company.
Instead of waiting to play catchup, some of the bigger Android manufacturers, like Samsung, tried to out-innovate Apple by including a biometric authentication technology in their phones that Apple never included in the iPhone: an in-display fingerprint reader.
Samsung’s Galaxy S10 series, introduced earlier this year, has been the most high-profile Android phone launched with an in-display fingerprint reader. And while the tech does look super cool, it now also appears that it’s super easy to hack.
An Imgur user by the name of “Darkshark” has revealed he managed to fool the Samsung Galaxy S10 in-display fingerprint reader with a cheap 3D-printed replica of his fingerprint. To do this, Darkshark simply took a picture of his fingerprint on a wine glass, imported it into Photoshop, and then made a 3D model of his print in 3ds Max, which he then printed on a consumer-grade 3D printer. When he placed his 3D-printed fingerprint on the Galaxy S10’s in-display fingerprint reader, the phone unlocked.
If you want to be freaked out by how easy this process is to replicate, check out Darkshark’s post here, complete with a video of his fake print unlocking his S10. And as Darkshark points out in his post, someone wouldn’t have to steal both your fingerprint and your phone to unlock it using this method. They would only need your phone as your fingerprints are already all over it, which they could then easily photograph and 3D print:
This brings up a lot of ethics questions and concerns. There’s nothing stopping me from stealing your fingerprints without you ever knowing, then printing gloves with your fingerprints built into them and going and committing a crime.
If I steal someone’s phone, their fingerprints are already on it. I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it. Most banking apps only require fingerprint authentication so I could have all of your info and spend your money in less than 15 minutes if your phone is secured by fingerprint alone.