False alarm: Samsung’s fingerprint sensor “issue” wasn’t a security flaw after all.

If you happen to be the proud owner of a Samsung Galaxy S10 or Note 10, you are probably aware of some drama concerning your device’s fingerprint sensor. Chances are that you were notified by Samsung that a patch was coming, and may have some questions about whether or not your device is secure, or whether or not you can trust its in-display fingerprint sensor ever again. I am here to answer those questions for you, since tech journalists have evidently decided to sensationalize a non-issue rather than dig into what the problem actually was. In some instances, the nature of the problem appears to have even been misreported, further adding to the confusion about what was happening and what it meant for Samsung and Samsung customers.

A good place to start is to confirm that yes, your device is secure, and yes, you can absolutely trust that fingerprint sensor. There was never a problem with the sensor in the first place, or the technology behind it. Both are solid. The issue was with some kinds of unapproved screen protectors interfering with the fingerprint scans – and therefore not a Samsung issue at all. We will get back to that in a moment.

Optical vs Ultrasonic fingerprint scanners 101: 

To better understand what happened, let’s briefly talk about what this sensor does and doesn’t do, and what the current market alternatives are. Basically, right now, in-display (built into your screen) fingerprint sensors mostly come in two different flavors: optical sensors and ultrasonic sensors. Optical sensors capture a 2D image of a user’s fingerprint – like a picture – and recognize the dark and light patterns of that user’s fingerprint. The process is similar to what you see in movies and crime shows when the police does a fingerprint match search in their database: It’s picture for picture, pattern for pattern, and it is essentially flat. 2-dimensional. That’s what an optical sensor does. An ultrasonic sensor is more like radar (or sonar if you prefer Naval analogies): Instead of taking a 2D image of a fingerprint, it captures a 3D image of it, and measures the “ridges and valleys” of a user’s fingerprint. This ability to map fingerprints in three dimensions instead of just two makes ultrasonic fingerprint readers considerably more secure and advanced than their optical counterparts, which is probably why Samsung chose to invest in that technology instead of the other for their new flagship phones. (I predict that ultrasonic sensors will replace optical scanners, since they are far more precise, advanced, and secure.)

This may be a good time to bring up that pretty much every other phone OEM still uses optical fingerprint scanners right now, and that Samsung is well ahead of the curve on that front.

And yes, since I brought up movies and TV shows, because they depend on a 2D image of a fingerprint rather than a 3D scan of a fingerprint, optical scanners can be fooled by high-resolution photos of a fingerprint, so long as you use the right kind of paper and contrast to present to the scanner. (What you see in spy movies isn’t far from the mark in this regard, and while optical fingerprint scanners are terrific for 99.999% of users, they do create a security vulnerability for individuals who might be worthy targets of espionage, blackmail, and theft.) Samsung decided to remove that vulnerability from its devices altogether by replacing optical fingerprint scanners with ultrasonic ones.

So what exactly happened here?

The simplest way to explain what happened, and why things went a little wrong for Samsung last week, is that while ultrasonic fingerprint scanners are vastly superior to optical ones, and extremely reliable, putting them inside the device’s display (the screen) exposes them to an annoying variable: Screen protectors.

In a perfect world, no one would use a screen protector or a cover on their beautiful, slick smartphones. But we live in an imperfect world, and phones get dropped and tossed into pockets and bags with keys and coins, and other objects with sharp edges, so a lot or people add a clear screen protector to their new phone. And that additional layer of material can interfere with an in-display ultrasonic fingerprint scanner. Now, Samsung understands that consumers like to put screen protectors on their devices, so the engineers who developed this solution designed it to work with screen protectors. In case you were suddenly worried about this, yes you can put a screen protector on your new S10 or Note 10. It’s just that if you do, you need to make sure that it is approved for use with these two phones – in other words, you need to make sure that the screen protector you use for either of those devices is compatible with the in-display ultrasonic fingerprint sensor before you buy it and apply it to your screen.

If you don’t, and just buy a random screen protector from some unapproved third party vendor, chances are that it might not allow the scanner to do its job properly, and that is precisely what happened this past week: Someone used an unapproved screen protector on a new Samsung phone, and the sensor was no longer able to properly read the ridges and valleys of fingerprints being presented to the display. Specifically, a silicone screen protector could trick the sensor into accepting a different 3D pattern rather than a  “fingerprint” scan – essentially a null fingerprint – which would be indistinguishable from anyone else pressing their fingerprint to the screen afterwards. Without ridges and valleys in the capture, all fingerprints would look the same to the scanner: featureless. And therefore, all featureless “scans” would unlock the phone. Because of a silicone screen protector that made all fingerprints look more or less featureless to the scanner.

This was a small software logic flaw inside the solution, not a cloud-based breach of fingerprint info, or a true security vulnerability. No one would ever be able to unlock an S10 or Note 10 with a random fingerprint unless the user had registered a “soft” fingerprint ID on setup because of a cheap screen cover, and that cover happened to remain on the phone afterwards. The scanner just hadn’t been taught to refuse silicone-softened fingerprint scans during the user setup process. That’s all.

So, did Samsung really fix the problem?

Yes.

What Samsung’s software patch does is essentially prevent that from happening.

Also, Samsung and its accessories partners are making it easier for consumers to identify for consumers which “approved” screen protectors for the S10 and Note 10 will not interfere with the in-display ultrasonic fingerprint scanner.

That’s it. Despite all of the panic and doom and gloom churned up by perhaps overzealous journalists and editors, the issue wasn’t really that bad, and has been fixed.

In closing, are ultrasonic fingerprint scanners safe and secure?

Yes.

In my opinion, more so than optical fingerprint scanners. So long as you don’t inhibit their ability to function by putting a cheap, unapproved screen protector over them, they are far better than alternative. On this point, Samsung really does offer a solid security feature that helps their flagship phones differentiate themselves from the rest of the field.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Author Information

Olivier Blanchard

Olivier Blanchard is Research Director, Intelligent Devices. He covers edge semiconductors and intelligent AI-capable devices for Futurum. In addition to having co-authored several books about digital transformation and AI with Futurum Group CEO Daniel Newman, Blanchard brings considerable experience demystifying new and emerging technologies, advising clients on how best to future-proof their organizations, and helping maximize the positive impacts of technology disruption while mitigating their potentially negative effects. Follow his extended analysis on X and LinkedIn.

Related Insights
The AI Stack- How Vendors Are Composing AI Strategy
July 17, 2026

The AI Stack: How Vendors Are Composing AI Strategy

Futurum's Mitch Ashley shares insights on the durable eight-layer AI stack and six emerging archetypes that help vendors and decision-makers interpret AI strategy commitments in a rapidly evolving market....
CMMC Pause Signals Compliance Risks for Defense Contractors
July 17, 2026

CMMC Pause Signals Compliance Risks for Defense Contractors

The DoD's CMMC Phase 2 pause has not suspended core federal data protection obligations for Defense Industrial Base contractors. Magna5 urges DIB firms to use this window to close NIST...
How Presidio's ISO/IEC 42001 Certification Sets a New Standard in AI Governance
July 16, 2026

How Presidio’s ISO/IEC 42001 Certification Sets a New Standard in AI Governance

Presidio achieves ISO/IEC 42001 certification as a credentialed AI partner, addressing the 55.6% expertise gap among channel partners and setting a new competitive standard in enterprise AI governance....
Why Ignoring Security in AI Deployments Could Cost You More Than You Think
July 16, 2026

Why Ignoring Security in AI Deployments Could Cost You More Than You Think

Organizations deploying AI without robust security risk data breaches, regulatory failure, and reputational damage—Concentrix shows why integrating security from the start costs less than treating it as an afterthought....
Is F5's New Fleet Management the Key to Cyber Resilience in the AI Era?
July 16, 2026

Is F5’s New Fleet Management the Key to Cyber Resilience in the AI Era?

F5 launched F5 Insight for ADSP v1.2 with advanced fleet management workflows designed to streamline BIG-IP patching and software updates, directly addressing the compression of vulnerability response timelines in the...
Selling Agent Provenance to the CIO: Entire Changes Who Signs
July 14, 2026

Selling Agent Provenance to the CIO: Entire Changes Who Signs

Futurum stakes a position on Entire's distributed Git launch: agent provenance is the control point, the mirror network is the wedge, and the decision moves to the CIO. The analysis...

Book a Demo

Welcome

The vision behind everything in Futurum’s Custom Research practice is this: research should show you what is happening, what comes next, and what to do about it. It should be personal to each audience, easy for people to grasp, and structured so LLMs can reason over it accurately. And it should be fast and turnkey; you want answers now, not another project to carry for quarters.

Whether you are defining business, channel, or go-to-market strategy; evaluating vendors or justifying ROI; or commissioning research to fill an emerging market need, we have your back, with a program that answers your questions with the objectivity and credibility to drive real decisions.

To do it, we bring unmatched data to bear: Futurum research, surveys, and market projections; validated market feeds; ETR’s 15 years of insight from 10,000 technology decision-makers; G2’s buyer and user data; and what our analysts hear every day. Add leading primary collection, from AI-moderated voice interviews to surveys and analyst-led interviews, all turnkey, and every project comes out credible, nuanced, and actionable.

And we don’t just drop the results in your lap. For internal work, we provide analyst-led sessions, interactive dashboards, and a range of formats. For market-facing work, Futurum delivers turnkey activation and amplification that actually gets seen, by people and by LLMs, through our media and share of voice. This is research that moves decisions and markets.

We will meet you wherever you are, from a fast-turn brief to a multi-year program, and shape the work to your goals, timeline, and budget. The right program for your moment.

If any of this is useful, I would love to talk.

Benjamin Brown, VP Custom Research, Futurum Research

Benjamin Brown

VP, Custom Research · The Futurum Group

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.