Wednesday, May 7, 2025
HomeMobile AttacksNokia 9 PureView Fingerprint Sensor Is Fooled by Chewing Gum

Nokia 9 PureView Fingerprint Sensor Is Fooled by Chewing Gum

Published on

SIEM as a Service

Follow Us on Google News

The brand new Nokia flagship with five camera modules looks pretty promising but has several significant weaknesses. Recently, it shocked the world with dangerous security flaw related to its onscreen fingerprint sensor that is tricked by non-registered patterns of other fingers and even various items such as coins or gloves.

Users noticed the first issue right after the launch. Then, Nokia’s scanner had too low sensitivity and didn’t recognize the owners’ fingerprints often.

HMD Global responded to this problem with a patch dated by 19 April. The update improved the scanner’s sensitivity and really helped people to interact with their smartphones. Too much.

- Advertisement - Google News

As for now, the PureView has an extremely responsive sensor that recognizes not only fingerprints of owners but also other prints and material objects, e.g. chewing gum packs, coins, gloves, etc.

The problem was spotted by Twitter user Decoded Pixel. He posted a video where his Nokia 9 is unlocked with two different fingers and chewing gum

Why This Happened?

The most recent update for Android 9 Pie 4.22 includes the patch from HMD Global. Most likely, engineers didn’t improve the recognition algorithm but simply lowered the sensitivity threshold so PureView now accepts prints with a quite low original match. Phone owners mention that they can unlock the gadget with almost any touch, including random taps and fingers wrapped in cloth. Developers still didn’t react to multiple complaints.

As usual, people also joke about the issue. Reddit users mention that this is a new Nokia feature that will be available for extra money – the Gum ID. Still, we shouldn’t forget about the real danger of such flaws as frauds can easily get access to stolen phones due to identification errors. The next OTA update should fix the sensor so it’s better to disable this feature now and use traditional PIN codes or graphic patterns. As well, you can order dedicated software development Ukraine here to get extra security layers for your applications.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Critical AWS Amplify Studio Flaw Allowed Attackers to Execute Arbitrary Code

Amazon Web Services (AWS) has addressed a critical security flaw (CVE-2025-4318) in its AWS Amplify...

Severe Kibana Flaw Allowed Attackers to Run Arbitrary Code

A newly disclosed security vulnerability in Elastic’s Kibana platform has put thousands of businesses...

IT Worker from Computacenter Let Girlfriend Into Deutsche Bank’s Restricted Areas

A former information technology manager has filed a whistleblower lawsuit alleging a major security...

NSO Group Ordered to Pay $168 Million to WhatsApp in US Spyware Verdict

A federal jury in California has ordered Israeli spyware maker NSO Group to pay...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

MediaTek Releases Security Patch to Fix Vulnerabilities in Mobile and IoT Devices

MediaTek, a prominent semiconductor company specializing in mobile, IoT, and multimedia chipsets, has announced...

CISA Released Secure Mobile Communication Best Practices – 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to...

Ghost Tap Attack, Hackers Stolen Credit Card Linked To Google Pay Or Apple Pay

Threat actors are exploiting a new cash-out tactic called "Ghost Tap" to siphon funds...