One of the biggest features that was hyped up for the launch of the Galaxy S10 was the arrival of a fingerprint sensor under the display. It’s been claimed that this sensor is “harder to spoof,” but in just 13 minutes and with access to a 3D printer, one user was able to fool the Galaxy S10’s sensor. Here’s how.

Detailed in a post on Imgur, user DarkShark explains how he fooled the Qualcomm-made ultrasonic fingerprint sensor in his Galaxy S10 using a 3D print. The process started with a picture, taken on a Galaxy S10, which was dropped into Photoshop for editing. The alpha mask created in Photoshop was then pulled into a program called 3ds Max which was able to create a raised model of the fingerprint.

Finally, the model created by that program was used with a 3D printer which costs well under $500 and was able to print out the highly accurate 3D model. Print time itself took just 13 minutes while the user claims he could go from photograph to model in under 3 minutes.

Why is this notable? For one, this isn’t something that’s unique to ultrasonic sensors. There are examples of using 3D printing to unlock capacitive sensors on iPhones in the past. However, this user’s success is interesting because Qualcomm claimed this sensor was harder to spoof. One of the company’s press releases even explicitly says that the sensor can “detect blood flow within the finger and actually prevent hackers from spoofing the device with a photo or a mold.”

Clearly, that’s not quite the case.

With ultrasonic or capacitive, 3D printing is a cause for concern when it comes to security. DarkShark describes a worst-case scenario that’s terrifyingly realistic in his post:

If I steal someone’s phone, their fingerprints are already on it. I can do this entire process in less than 3 minutes and remotely start the 3d print so that it’s done by the time I get to it. Most banking apps only require fingerprint authentication so I could have all of your info and spend your money in less than 15 minutes if your phone is secured by fingerprint alone.

Yikes.

I attempted to fool the new Samsung Galaxy S10’s ultrasonic fingerprint scanner by using 3d printing. I succeeded.

More on Samsung Galaxy S10:

FTC: We use income earning auto affiliate links. More.


Check out 9to5Google on YouTube for more news:

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author