Banks kill biometric support for Samsung Galaxy phones

Nationwide and Natwest among several banks taking action after a fingerprint glitch was revealed last week

Major UK banks have withdrawn biometric support for their apps on Samsung Galaxy S10s after reports of a glitch in its fingerprint sensor.

Nationwide Building Society and Natwest have taken action to minimise risk to S10 users after Samsung confirmed its in-screen fingerprint sensor could recognise fingerprints from any users on certain third-party screen protectors. This issue affects the Samsung Galaxy S10, S10+, S10 5G, as well as Note10 and 10+.

Advertisement - Article continues below

In the absence of a patch, Natwest has removed the app from the Google Play Store for users with the affected handsets, while users who already have the app installed are finding the fingerprint login option has been disabled.

"We've removed the app from the Play Store for customers with Samsung S10 devices," a distributed customer support message said, that Natwest confirmed with IT Pro was genuine. "This is due to reports that there are security concerns regarding these devices. We hope to have our app available again shortly once the issue has been resolved."

Nationwide, meanwhile, is still allowing users to access its banking app but is recommending that the fingerprints authentication option is removed.

This is in addition to a host of international banks that have also taken similar action, according to reports from Reddit.

Advertisement
Advertisement - Article continues below

IT Pro also approached Nationwide for comment.

Support for biometric authentication has been dropped in the context of legacy UK banks aiming to become more digitally-savvy in the modern era.

Advertisement - Article continues below

Natwest and RBS, launched a biometric-enabled debit card trial earlier this year, in which customers can use their fingerprint when paying for goods valued at more than 30.

Although many users may see the move to temporarily cut biometric support as an overreaction, cyber security specialist with ESET Jake Moore has labelled the decision as an "excellent response".

"It may sound a bit hasty but banks must look after their customers where they can, and being aware of the most current threats shows that they are on point," he said.

"However, with regards to any apps related to financial or sensitive personal data, two-factor authentication (2FA) should be in place by default to add extra security.

"Passwords plus another form of verification will prevail against the majority of attacks and customers need to recognize this. Encouraging users into 2FA is the best way of introducing this extra layer of protection quickly."

This isn't the first time the Samsung Galaxy S10 fingerprint reader has run into difficulties, with reports earlier this year suggesting the in-screen scanner could be unlocked using a 3D-printed fingerprint.

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
Police use of facial recognition ruled unlawful in the UK
privacy

Police use of facial recognition ruled unlawful in the UK

11 Aug 2020