A lone security researcher just gave Samsung’s mobile phone cybersecurity technology the finger. According to a video posted on the Imgur site on Friday, it’s possible to bypass the biometrics on the new Galaxy S10 range in just a few minutes, using a 3D-printed fingerprint.
Released in February, almost every phone in the Galaxy S10 range features a fingerprint reader under the screen, contrasting with the previous generation of Galaxy S phones which put it on the back of the device. The only exception is the S10 Essential, which has a capacitive resistor on the side of the phone.
Capacitive technology is what most modern non-display fingerprint sensors use. It measures the electrical resistance between the tiny ridges and valleys of your fingerprint as they contact the sensor, creating a 2D image of it.
Under-display sensors take a different approach, using ultrasonic technology to bounce sound waves off the user’s finger. This creates a 3D ultrasound image of your fingerprint, containing information about the depth of its ridges and valleys.
Cool, right? Not according to Darkshark, an anonymous researcher who appeared to show themselves unlocking a Samsung S10 using a 3D printed-fingerprint.
In the description, Darkshark said that they photographed their finger on the side of a wine glass using their smartphone. Then they used Photoshop to increase the contrast and create an alpha mask (which is a fully-opaque version of an image). Using the 3DS Max 3D modeling software, they created a geometry displacement, which is a version of the alpha image with depth information from the original. Then, they used an Anycubic Photon resin-based 3D printer, which costs around US$500, to reproduce the print.
The whole process took around 13 minutes, and Darkshark said that it could take less time still:
If I steal someone’s phone, their fingerprints are already on it. I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it.
This isn’t something that would work with capacitive sensors, because a 3D print wouldn’t have the electrical resistance to mimic a human print. It’s also worrying because of the number of apps that are using fingerprint biometrics as a form of authentication, warned Darkshark:
Most banking apps only require fingerprint authentication so I could have all of your info and spend your money in less than 15 minutes if your phone is secured by fingerprint alone.
One such financial app? The cryptocurrency wallet that Samsung has released for its smartphones. The software, which supports at least Ethereum-related tokens, “features a secondary layer of authentication that includes PIN and fingerprint” according to Android Authority.
All of which tells us, more than ever, that one form of identification might not be enough. If you want to be extra careful, then defense-in-depth is a useful approach. It is possible to add a screen lock to your S10 that requires a PIN, password or pattern swipe for access.
Or you could just, um, wear gloves any time you touch anything?
Gotto
It doesnt matter, u can bypass all the security on any phone with boot loaders, get root, then get all the info, doing it fast is what matters though. Have to do it all probably within 24 hours because at that point, someone would report their phone stolen and start canceling services.
Paul Ducklin
If the phone is encrypted and has a passcode on it, that statement is quite false. Even if you can install an alternative recovery partition and get a root shell right on the phone itself, the data partition will be just so much shredded cabbage. You may be able to get some info off the device – notably the data on any SD card partitions, which are generally unencrypted – but good luck getting at the data partition and stored authentication tokens, passwords and so forth.
Your “doesn’t matter” claim that you can inevitably “bypass all the security” and “get all the info” just by booting it up with your own bootloader sounds scary, but is wrong.
Anonymous
Gotto, problem with that process is you may lose all data by rooting the phone.
Mahhn
hmm, maybe a standard printer that does raised letters would do the same for even cheaper.
Paul Ducklin
Other fingerprint hacks on other phones have used that trick – a laser printer with the “use a lot of toner to make a high contrast image” option cranked up really high turned out to create what was essentially a “2.5 dimensional” fingerprint mould. Carefully fill with woodglue, allow to set, peel off, and lo! Synthetic fingerprint that was 3D enough to work.
SImon McAllister
“This isn’t something that would work with capacitive sensors, because a 3D print wouldn’t have the electrical resistance to mimic a human print”
It’s just a matter of time before electrical resistance is mimicked. I see using my fingerprint as a method for convenience, not security.
Paul Ducklin
In some previous hacks (e.g. using woodglue moulded prints), just licking the woodglue lightly was enough to create the conductivity characteristics that made the sensor figure, “Alive.”
Anonymous
there is also conductive 3D printer filament that could kind-of mimic a human finger for the tradidional sensors