Samsung Galaxy S10: the fingerprint sensor tricked by a 3D print
A bit of ingenuity and from a photo of a fingerprint, a researcher has created a 3D model printed on resin: it was enough to deceive the fingerprint sensor of the new Samsung Galaxy S10.
As a demonstration of how biometrics, even with all its advantages and strengths, is not the panacea for all the ills for computer security, a security researcher, known only with the nickname Darkshark, publishes a video on Imgur in which shows how he managed to fool the new Samsung Galaxy S10 fingerprint sensor.
The researcher says he took a photograph of his own fingerprint, left on a glass of wine. The photograph was then processed with Photoshop and subsequently fed to 3Ds Max to obtain a three-dimensional model that was printed in resin using an AnyCubic Photon LCD printer.
It took three prints before finding the right size and, above all, the correct depth of ridges and valleys of the fingerprint. A single print took just 13 minutes to work. But once the ” synthetic ” fingerprints were obtained, the researcher was able to unlock the phone as shown in the video.
Samsung Galaxy S10 is equipped with an ultrasonic fingerprint sensor, on paper less prone to attempts to circumvent than the optical type sensor. These two types of sensors are the only ones that can currently be installed under the glass of the device, while the sensors integrated in the buttons are capacitive.
The optical type sensor performs a visual comparison between the registered digital impression and the one you want to use for unlocking, and in some cases it can be misled by a simple two-dimensional high-definition photograph.
The experiment conducted by the researcher may seem like an extreme case, as some expertise is needed in the use of 3D printing software and equipment, as well as physical access to the device. But it is also true that, as Darkshark himself points out, on a stolen smartphone it is rather likely to find the fingerprints of its owner.