Galaxy S10 Blacklisted by Some Banking Apps Following Fingerprint Vulnerability


Last week, several Galaxy S10 units that used glass/silicone-based screen protectors were found to be afflicted with a vulnerability that allowed just about anyone to unlock the device using a fingerprint. Samsung responded by asking users to refrain from using said screen protectors and that they'd roll out a software fix for the issue in the coming week. In the meanwhile, some banking apps that rely on fingerprint authentication have disallowed Galaxy S10 users from downloading or installing their apps from the Play Store while others have disabled the option to use the fingerprint scanner as a form of verification. Our Singapore-based writer Imran Hussain even received the following notification from his bank.

Apple’s iPhone 13 Could Feature In-Display Optical Fingerprint Scanner

Some other banks such as NatWest and Nationwide Building Society in the UK appear to have taken the countermeasures a step further. According to a Reddit post, a user confirmed that the NatWest Bank just pulled their banking app off the Play Store for Galaxy S10 and Galaxy S10+ users. Nationwide Building Society is taking a saner path and are merely disabling the fingerprint authentication option in their apps.


In the same Reddit thread, users based in several regions echo a similar sentiment. Thankfully, most banks have only disabled fingerprint authentication in their apps and not pulled the app altogether. Most US-based banks don't seem to have implemented any of the measures just yet.

Is this an overreaction on the banks' part?

The answer is both yes and no. Yes, because some banking apps use fingerprints as the only method of user verification. The banks don't want to be liable in the off chances that someone gets their money siphoned off by a phony fingerprint. While pulling the app is legitimately overkill, disabling the fingerprint authentication option is a much saner option until Samsung rolls out the much-awaited fix. Besides, most banking apps have other measures in place to ensure that they make it harder for unauthorized individuals to transfer money out of an account illicitly.

On the other hand, it is a bit of an overreaction because the vulnerability affects only users who use a certain type of screen protector and isn't representative of everyone that uses a Galaxy S10 or S10+. Disallowing users who are unaffected by the vulnerability from using biometric authentication comes off as a little too much. We're still grateful that banks were aware of the problem and took appropriate measures before anyone could get affected.

News Source: Piunikaweb