Some Nokia 9 owners have reported a serious security flaw with the in-display fingerprint sensor on their units. Many users had initially complained about the sensor’s accuracy when the device came out. HMD Global did send out a software update last week which was supposed to improve the accuracy. However, a security flaw has been detected in several units whereby even unregistered fingerprints have been able to generate a positive match and grant access to the device.
In addition to producing false positives from unregistered fingers, which is something that a fingerprint sensor should absolutely not do, there’s even an instance of the sensor allowing access when coming into contact with a packet of gum.
Videos posted on Twitter show the device being unlocked with a chewing gum packet. The fault was reproduced multiple teams with a quick, gentle, and repeated tapping of the unregistered object on the fingerprint sensor zone. The device would vibrate and the unlock, allowing unfettered access to its contents.
HMD Global has responded and said that it’s currently investigating the matter. Juho Sarviaks, HMD’s chief product officer, said that the company hasn’t been able to reproduce the issue but the UK team will reach out to the person in question to further investigate the problem.
@NokiaMobile @TechAltar here is another video of Nokia 9 being unlocked with a chewing gum packet. Phone has no tempered glass screen protector and display was cleaned before recording. pic.twitter.com/GqBVhmTiTZ
— Decoded Pixel (@decodedpixel) April 22, 2019