Biometric authentication is a critical capability on smartphones today, especially for regulated industries and government agencies. Leveraging unique biometric identifiers to authenticate users provides a high level of protection for sensitive data, while mobile users enjoy a convenient unlock and sign-in experience. It’s — literally — security at your fingertips.
Over the past year, there’s been great interest and speculation about our new approach to the fingerprint technology on the new Galaxy S10 devices. As we revealed at the Unpacked event on Feb. 20, Samsung has implemented a new ultrasonic sensor that images the user’s fingerprint through the screen on the Galaxy S10, Galaxy S10+ and Galaxy S10 5G. The smaller Galaxy S10e incorporates a capacitive fingerprint sensor into the power button on the device’s right bezel.
Users Prefer Fingerprint
Our decision to adopt the in-screen fingerprint ID technology on the Galaxy S10, S10+ and S10 5G was driven by consumer research. Our data shows that fingerprint is by far the most utilized biometric method for unlocking Samsung phones. We also know that most users prefer a fingerprint sensor that is centered on the front of the device, so they can conveniently reach it with their thumb.
But there’s a catch: Users also want a large display with the thinnest possible bezels. Developing an in-screen fingerprint sensor — one that would not take up screen real estate — presented a significant technology and design challenge. It was critical that the solution was highly secure and would meet the stringent requirements of enterprise customers.
Instead of using an optical fingerprint sensor, we implemented ultrasonic technology. The ultrasonic wave is transmitted through the display, and the ultrasonic pulse captures the uniqueness of the fingerprint. There are several advantages of our ultrasonic method for biometric verification:
- With the optical method, there is a visibility issue for sensors and this can result in lower recognition rates in strong sunlight. The ultrasonic method has a higher recognition rate outdoors, and works well in low temperature conditions.
- Using ultrasonic fingerprint ID counteracts spoofing attempts using 2D replicas of a person’s fingerprint. Every ridge and notch of the user’s print is mapped in 3D. To enhance security further, we use a machine learning algorithm to help detect the differences between real fingerprints and forged 3D replicas.
Leveraging Biometrics in the Enterprise
Leveraging biometrics as part of your information security strategy has two primary benefits.
Firstly, it provides the utmost convenience when unlocking the device or secure work applications. Biometrics replace cumbersome passwords for repeat logins, saving users time and frustration. A security system is most effective when it is unobtrusive and useable while remaining highly secure. If security gets in the way of doing business, it will not be adopted effectively.
The second benefit is in enabling the implementation of two-factor authentication. Here, biometrics are used in addition to the PIN or password. The two-factor authentication test is not just “something you know” (a password), but also “something you are” (your fingerprint). In most implementations, it also involves “something you have” (your phone), since the biometric access is limited to your individual device.
Mandating that users register biometrics to unlock their phones or access secure work containers is a good start. This policy can be implemented within most mobile device management (MDM) solutions and helps to encourage adoption.
IT leaders can also educate users about tools like Samsung Pass, which allow them to expand the use of biometric login to line-of-business applications and frequently accessed cloud services. With Samsung Pass, the user is prompted to “replace” their user name and password when they first access the app; thereafter, they just use their fingerprint.
Security-conscious enterprises can also implement two-factor authentication for their own secure workspace containers and apps. This can be done as part of the broad set of security controls and features within the Knox Platform for Enterprise offering.
Biometrics Built on a Secure Foundation
Security isn’t a single technology or layer — it’s a principle. Samsung phones are engineered for security from the chip up, starting with the hardware root of trust and extending up to real-time kernel protection, the operating system and the application layers. All of the leading enterprise mobility management (EMM) solutions integrate closely with the Knox platform, enabling seamless enrollment, granular security management, advanced customization and control over firmware updates.
Samsung’s biometric implementations are built on this defense-grade foundation. With the new ultrasonic fingerprint ID technology, there are no tradeoffs. You don’t have to sacrifice user experience for security. Whether you are a mobile worker who needs to quickly access work data, or an enterprise information security lead, we’re putting security at your fingertips.
Learn more about Samsung’s new, next-gen Galaxy S10e, S10 and S10+ smartphones.