- Samsung explains a security flaw that lets anyone's fingerprint unlock a Galaxy S10 or Note 10.
- The problem stems from certain silicone cases that protect the front display and trick it into thinking a valid fingerprint is being registered.
- Samsung promises a software patch is coming next week to fix the problem.
"This issue involved ultrasonic fingerprint sensors unlocking devices after recognizing 3-dimensional patterns appearing on certain silicone screen protecting cases as users' fingerprints," Samsung said, referring to the in-screen fingerprint reader on its newest phones. "To prevent any further issues, we advise that Galaxy Note10/10+ and S10/S10+/S10 5G users who use such covers to remove the cover, delete all previous fingerprints and newly register their fingerprints."
The flaw came to light on Thursday. CNBC was unable to re-create the flaw on a demo Galaxy Note 10 device, but it seems that it requires a silicone case that also protects the screen. CNBC tested using a third-party screen protector and with a clear plastic case placed over the screen. Still, Samsung warns against using any front screen protective cover for now.
"If you currently use front screen protective covers, to ensure optimum fingerprint scanning, please refrain from using this cover until your device has been updated with a new software patch," the company said.
"A software update is planned to be released as early as next week, and once updated, please be sure to scan your fingerprint in its entirety, so that the all portions of your fingerprint, including the center and corners have been fully scanned."
The flaw is especially worrisome because fingerprint sensors not only unlock Samsung phones, but also enable payments through the company's Samsung Pay system.