Banks kill biometric support for Samsung Galaxy phones

Nationwide and Natwest among several banks taking action after a fingerprint glitch was revealed last week

Major UK banks have withdrawn biometric support for their apps on Samsung Galaxy S10s after reports of a glitch in its fingerprint sensor.

Nationwide Building Society and Natwest have taken action to minimise risk to S10 users after Samsung confirmed its in-screen fingerprint sensor could recognise fingerprints from any users on certain third-party screen protectors. This issue affects the Samsung Galaxy S10, S10+, S10 5G, as well as Note10 and 10+.

In the absence of a patch, Natwest has removed the app from the Google Play Store for users with the affected handsets, while users who already have the app installed are finding the fingerprint login option has been disabled.

"We've removed the app from the Play Store for customers with Samsung S10 devices," a distributed customer support message said, that Natwest confirmed with IT Pro was genuine. "This is due to reports that there are security concerns regarding these devices. We hope to have our app available again shortly once the issue has been resolved."

Nationwide, meanwhile, is still allowing users to access its banking app but is recommending that the fingerprints authentication option is removed.

This is in addition to a host of international banks that have also taken similar action, according to reports from Reddit.

IT Pro also approached Nationwide for comment.

Support for biometric authentication has been dropped in the context of legacy UK banks aiming to become more digitally-savvy in the modern era.

Natwest and RBS, launched a biometric-enabled debit card trial earlier this year, in which customers can use their fingerprint when paying for goods valued at more than 30.

Although many users may see the move to temporarily cut biometric support as an overreaction, cyber security specialist with ESET Jake Moore has labelled the decision as an "excellent response".

"It may sound a bit hasty but banks must look after their customers where they can, and being aware of the most current threats shows that they are on point," he said.

"However, with regards to any apps related to financial or sensitive personal data, two-factor authentication (2FA) should be in place by default to add extra security.

"Passwords plus another form of verification will prevail against the majority of attacks and customers need to recognize this. Encouraging users into 2FA is the best way of introducing this extra layer of protection quickly."

This isn't the first time the Samsung Galaxy S10 fingerprint reader has run into difficulties, with reports earlier this year suggesting the in-screen scanner could be unlocked using a 3D-printed fingerprint.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020
Government agencies see misconfigured cloud services as top security threat
Security

Government agencies see misconfigured cloud services as top security threat

22 Oct 2020
Lookout reveals mobile-first endpoint detection and response solution
Security

Lookout reveals mobile-first endpoint detection and response solution

21 Oct 2020
Cisco finds an increase in security concerns due to remote working
Security

Cisco finds an increase in security concerns due to remote working

21 Oct 2020

Most Popular

The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020