Samsung‘s flagship models, S10, S10+ and S10e, which has been introduced with built-in display fingerprint sensor got easily manipulated by the 3D fingerprint model made by an user known as darkshark over the internet to expose the frail security system of the company.
He replicated a 3D model of his fingerprint on a wineglass that mapped out even his blood veins to fool the Samsung’s built-in fingerprint reader.
According to the verge, in a post on Imgur, user darkshark outlined his project: he took a picture of his fingerprint on a wineglass, processed it in Photoshop, and made a model using 3ds Max that allowed him to extrude the lines in the picture into a 3D version. After a 13-minute print (and three attempts with some tweaks), he was able to print out a version of his fingerprint that fooled the phone’s sensor.The Galaxy S10’s fingerprint sensor doesn’t rely on a capacitive fingerprint scanner that’s been used in other versions of the phone, using instead an ultrasonic sensor that’s apparently more difficult to spoof. Darkshark points out that it didn’t take much to spoof his own fingerprint. A concern, he notes, is that payment and banking apps are increasingly using the authentication from a fingerprint sensor to unlock, and all he needed to get into his phone was a photograph, some software, and access to a 3D printer. “I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it,” he writes.
As his colleague Russel Brandon noted a couple of years ago, fingerprints aren’t as secure as you’d think — they can get stolen and spoofed, even on the most advanced phones.