The disastrous security blunder associated with the Galaxy S10, which has seen devices able to be unlocked by literally any thumbprint, may seem like an embarrassment for Samsung. But the issue, in fact, has deeper implications for the smartphone industry in particular, and the technology industry in general.
It wasn’t that long ago that the idea of unlocking a device via a fingerprint seemed like something out of science fiction. And with every person’s fingerprints being slightly different, it also seemed like a superb way to ensure that devices could be kept completely secure.
But that was then, and this is now. It is becoming increasingly clear that fingerprints are no longer the future of security, and technology firms are beginning to realize this. It is not merely the embarrassment regarding the Galaxy S10 that has underlined this; Apple and Google have already moved away from fingerprint unlocking, instead implementing systems related to facial recognition.
This latter approach to security is far more sophisticated, as breaking a facial recognition system is almost impossible. Quite simply, the breadth of data captured by Apple’s Face ID and Google’s Motion Sense is so wide that they are able to identify users beyond all doubt. Whereas we have already seen with fingerprint sensors that there are various ways to fool them, even if Samsung will probably successfully patch this latest problem reasonably rapidly.
Samsung now faces a big decision for future Galaxy releases, namely whether or not it chooses to keep a fingerprint sensor. The whole fingerprint issue has been a pretty disastrous for Samsung, even though its recent history in the smartphone marketplace has been highly successful. Over the last few years the Galaxy range has shot past the iPhone in worldwide sales, making Samsung the de facto biggest mobile seller on the planet.
Yet despite the recent problems with fingerprint sensors, several experts had the foresight required in order to predict that such issues could emerge. Back in 2016, Kaspersky published an article questioning the capabilities of capacitive scanners to recognise fingerprints adequately.
The company also acknowledged that technology was moving on rapidly, but asserted that even if fingerprint reading technology significantly improved, there will always be the danger of criminals stealing fingerprints. Indeed, this is one of the major arguments against handing over biometrics to private corporations, simply the fact that it is such a potential security risk.
Researchers have since demonstrated that it is rather easy to steal a fingerprint, without ever requiring any form of face-two-face contact. It can even be achieved with a high-quality photo of a victim’s fingers, we can even be captured with a camera included in a Samsung Galaxy device. One wonders if the irony is lost on them!
Apple and Google have made very sensible moves by shifting towards facial recognition, and away from the highly corruptible fingerprint sensor. And it will be a move that is eventually mirrored by the entire technology industry.