Samsung Galaxy S10 Plus fingerprint sensor

Fingerprint scanners aren’t just reserved for the very top-tier smartphones anymore. Even many budget phones sport the tech these days and it’s a cornerstone of app security. The technology has also moved on a lot from its early iterations, becoming faster and more accurate at capturing your fingerprint. With all that in mind, let’s take a look at how the latest fingerprint scanners work and what the differences are.

Stay secure: 15 best antivirus apps and best anti-malware apps for Android

Optical scanners

Optical fingerprint scanners are the oldest method of capturing and comparing fingerprints. As the name suggests, this technique relies on capturing an optical image essentially a photograph. It then uses algorithms to detect unique patterns on the surface, such as ridges or marks, by analyzing the lightest and darkest areas of the image.

Just like smartphone cameras, these sensors have a finite resolution. The higher the resolution, the finer details the sensor can discern about your finger, increasing the level of security. However, these sensors capture much higher contrast images than a regular camera. Optical scanners typically have a very high number of diodes per inch to capture these details up close. Of course, it’s very dark when your finger is placed over the scanner. The scanners, therefore, incorporate arrays of LEDs or even your phone’s display as a flash to light up the picture come scan time.

The major drawback with optical scanners is that they aren’t difficult to fool. As the technology is only capturing a 2D picture, prosthetics and even pictures of good quality can be used to fool this particular design. On its own, this type of scanner really isn’t secure enough to entrust it with your most sensitive details. As such, the industry has moved on to more secure hybrid solutions.

With an increasing demand for tougher security, smartphones have unanimously adopted superior capacitive and optical-capacitive hybrid scanners. These scanners use optical fingerprint data, combined with capacitive sensing to detect a real finger. The falling cost of technology has made these alternatives viable for mid-range products too.

With the move towards bezel-less displays, smaller optical modules are making make a comeback. They can be embedded underneath the display glass and only require a small area footprint. Some models on the market can operate successfully under 1mm of glass and with wet fingers something that messes with capacitive alternatives. Hybrid optical scanners are here to stay.

Capacitive scanners

Another common fingerprint scanner type used today is the capacitive scanner. You’ll find this type of scanner on the front and back of smartphones and even used as part of cutting-edge in-display variants. Capacitive scanners grew to prominence because of their additional security benefits. Again the name gives away the core component the capacitor.

Instead of creating a traditional image of a fingerprint, capacitive fingerprint scanners use arrays of tiny capacitor circuits to collect data. As capacitors store electrical charge, connecting them up to conductive plates on the surface of the scanner allows them to be used to track the details of a fingerprint. The stored charge will be changed slightly when a finger’s ridge is placed over the conductive plates. Conversely, an air gap will leave the charge at the capacitor relatively unchanged. An op-amp integrator circuit is used to track these changes, which can then be recorded by an analog-to-digital converter.

The theory and architecture behind a capacitive fingerprint scanning chip.

Slideshare

Once captured, this digital data is analyzed to look for distinctive and unique fingerprint attributes. They can then be saved for comparison at a later date. What is particularly smart about this design is that it is much tougher to fool than an optical scanner. The results can’t be replicated with an image. Additionally, they are incredibly tough to fool with some sort of prosthetic, as different materials will record slightly different changes in charge at the capacitor. The only real security risks come from either hardware or software hacking.

Creating a large enough array of these capacitors, typically hundreds if not thousands in a single scanner, allows for a highly detailed image of the ridges and valleys of a fingerprint to be created from nothing more than electrical signals. Just like the optical scanner, more capacitors result in a higher resolution scanner. This increases the level of security, up to a certain point. Nevertheless, high density costs a lot more to produce.

See also: The best security apps for Android that aren’t antivirus apps

Due to the larger number of components in the detection circuit, capacitive scanners had previously been quite pricey. Some early implementations attempted to cut the number of capacitors needed by using “swipe” scanners. They would collect data from a smaller number of capacitor components by quickly refreshing the results as a finger is pulled over the sensor. As many consumers complained at the time, this method was very finicky and often required several attempts to scan the result correctly. Fortunately, these days, the simple press and hold design is the default setup.

You can do more than just read fingerprints with these scanners, however. Newer models sport gesture and swipe functionality too. These can be used as soft button support to act as navigation keys, force sensing capabilities, or as a way to interact with other UI elements. However, premium-tier smartphones have moved on to in-display technologies.

Google Pixel 4a camera and fingerprint reader
David Imel / Android Authority

Ultrasonic scanners

The latest fingerprint scanning technology to enter the smartphone space is the ultrasonic sensor. It was first announced inside 2016’s Le Max Pro smartphone. Qualcomm and its Sense ID technology are a major part of the design. In fact, Qualcomm is now on its second generation of Ultrasonic fingerprint scanning technology (technically its third product). It promises a bigger reading area and faster processing speeds.

To actually capture the details of a fingerprint, the hardware consists of both an ultrasonic transmitter and a receiver. An ultrasonic pulse is transmitted against the finger that is placed over the scanner. Some of this pulse is absorbed and some of it is bounced back to the sensor, depending upon the ridges, pores, and other details that are unique to each fingerprint.

There isn’t a microphone listening out for these returning signals. Instead, a sensor that can detect mechanical stress is used to calculate the intensity of the returning ultrasonic pulse at different points on the scanner. Scanning for longer periods of time allows for additional depth data to be captured. This results in a detailed 3D reproduction of the scanned fingerprint. The 3D nature of this capture technique makes it an even more secure alternative to capacitive scanners.

Qualcomm 3D ultrasonic in-display fingerprint sensor has subsequently been adopted inside Samsung’s flagship Galaxy S10, Note 10, and Note 20 series’. Qualcomm’s second-generation scanner can be found powering the Samsung Galaxy S21’s in-display sensor too. Samsung points out that this new scanner is 77% larger and 50% faster than the previous generation product.

The drawback of the ultrasonic is that it’s not as snappy as other scanners yet. This is partly due to the reasons mentioned above. However, Qualcomm has addressed this with somewhat its second-generation technology. Ultrasonic tech also doesn’t play nicely with some screen protectors, particularly the thicker ones. They can limit the ability of the scanner to read fingerprints correctly. On the plus side, bezels are thinner than ever due to being able to hide the scanner under the display.

Samsung Galaxy S10 Plus Fingerprint reader

A word on in-display scanners

Ultrasonic fingerprint scanners aren’t the only option if you want to hide the sensor in the display. Optical-capacitive fingerprint scanners are being used for this purpose too. The industry is currently split between these two. However, you’ll seldom find ultrasonic scanners at the more affordable end of the market.

Optical-capacitive scanners address some previous security issues with optical designs. They combine the “real touch” requirements of capacitive scanners with the speed and energy efficiency of optical designs. This technology is embedded by inserting a sensor under the display. It detects light reflected by a fingerprint back through the gaps in the OLED display. This requires some work to integrate with the display, but it works quite well.

You’ll find various in-display optical fingerprint technologies in both affordable and premium tier handsets, ranging from Samsung’s Galaxy A50 to the Huawei P40 Pro.

The Samsung Galaxy S21 features an ultrasonic scanner, while Huawei's P40 Pro uses an optical OLED.

Ultrasonic scanners, by comparison, are a little easier to implement and adjust their placement to suit any handset. The tiny 0.2mm thick sensor sits behind the screen, passing its ultrasonic waves through the display to your fingertip. While this is great for development, it has led to a few security problems of its own. Samsung had to issue patches to its flagship smartphones to address issues that allowed almost any fingerprint to unlock the phones when using a screen protector.

Both technologies have their pros and cons and will likely remain viable choices for in-display fingerprint scanners for years to come. However, ultrasonic scanners may take a while longer to make their way to more affordable price points.

Cryptography, and secure processing

While most fingerprint scanners are based on very similar hardware principles, additional components and software can also play a major part in differentiating how products perform and what features are available to consumers.

Accompanying the physical scanner is a dedicated IC. It interprets the scanned data and transmits it in a useful form to your smartphone’s main processor. Different manufacturers use slightly different algorithms to identify key fingerprint characteristics, which can vary in speed and accuracy.

Typically these algorithms look for where ridges and lines end, or where a ridge splits in two. Collectively, these and other distinctive features are called minutiae. If a scanned fingerprint matches several of these minutiae then it will be considered a match. Rather than comparing the whole fingerprint each time, comparing minutiae reduces the amount of processing power required to identify each fingerprint. Additionally, it helps avoid errors if the scanned fingerprint is smudged. It also allows the finger to placed off-center or be identified with only a partial print.

ARM TrustZone is used to keep biometric and cryptographic data secure from the Rich OS.

Of course, this information needs to be kept secure on your device and saved well away from code that could compromise it. Rather than uploading this user data online, ARM processors can keep this information securely on the physical chip using its Trusted Execution Environment (TEE) based TrustZone technology. This secure area is also used for other cryptographic processes and to communicate directly with secure hardware platforms, such as a fingerprint scanner. Approved pieces of one’s personal information, such as a password key, can only be accessed by applications using the TEE client APIs.

How FIDO login works without sending any personally identifiable information.

Qualcomm’s take on this is built into its Secure MSM architecture and Secure Processing Unit (SPU). Apple, on the other hand, talks this up as the “Secure Enclave”. Either way, it’s based on the same principle of keeping this secure data on a separate part of the processor. There, it cannot be accessed by apps operating in the regular operating system environment.

The FIDO (Fast IDentity Online) Alliance has developed strong cryptographic protocols that use these protected hardware zones to enable password-less authentication handshakes between hardware and services. So, you can log into a website or online shop using your fingerprint without your unique data ever leaving your smartphone. This is accomplished by passing digital keys rather than biometric data to servers.

Read more: The best phones with in-display fingerprint scanners

Fingerprint scanners have become a very secure alternative to remembering countless user names, pins, and passwords stored on our phones. Their increasing speed, high level of security, and hidden in-display designs ensure that they’ll be sticking around despite the growing adoption of expensive facial unlocking technology. The widespread roll-out of secure mobile payment systems means that these scanners are sure to remain a crucial security tool in the future.