Security patch introduced unexpected issue

Apr 22, 2019 09:03 GMT  ·  By

A security issue on the high-end Nokia 9 PureView smartphone allows anyone to unlock the device, using not only unregistered fingerprints, but even things like a pack of gum.

A video showing the unexpected bug was published recently on Twitter, with several users confirming the problem on their devices too.

In other words, this doesn’t seem to be just an isolated case, and most likely, the issue was introduced in the latest Android 9 Pie update labeled as version 4.22.

According to the official changelog, this update is supposed to improve system stability, bring user interface enhancements, and deploy the April 2019 Google security patch for Android.

Twitter user Decoded Pixel was the first to report the problem, explaining that the Nokia 9 can be unlocked even with a fingerprint that hasn’t been registered. “This is a massive security flaw,” the user posted before someone else then responded that this happens “every once in a while.”

HMD tight-lipped so far

A video posted by the same user shows the Nokia 9 being unlocked with someone else’s finger and with a pack of chewing gum, all by simply touching the screen in the region where the fingerprint sensor is embedded into the glass.

Nokia hasn’t yet acknowledged the issue, and users on reddit confirm you can unlock the Nokia 9 with pretty much any finger or other objects.

“I've got one and it's a joke ... Register one finger and any can unlock, tapping rapidly & randomly can unlock it, tapping it with a t-shirt/cloth wrapped around your finger will unlock it... It's terrible,” one user explained on reddit.

It remains to be seen how fast a patch is shipped this time, but in the meantime, users should disable fingerprint unlocking and stick with the standard passcode system to block unauthorized access to their devices.