Here’s an update regarding the fingerprint sensor issue:
Since the update to Android 13 for Fairphone 3(+), the fingerprint sensor at the back of the device can no longer be used to log into certain apps with higher security requirements, such as some banking apps.
The fingerprint sensor can still be used to lock and unlock the device itself and the affected apps can still be accessed using a password or pin code for login. However, we do realize that this is a major inconvenience for many users of the phone, so we want to make users aware of the issue. We have stopped the roll-out (at 10%) of the update, for now, to make sure the information for the end users is well-written and clear enough.
This issue is caused by updated Android security requirements and the lack of support from our fingerprint sensor manufacturer. We were aware of this issue before beginning the roll-out of the latest update but failed to include it in the release notes. This is a major oversight and should not have happened. We realize that we need to be more proactive about how to communicate and present known issues/regressions and potential workarounds before releasing updates to the public.
Please note that, on Android 13, it is now required to unlock the device using a PIN or password at least once a day. Previously, this was only required on the first unlock after boot/reboot. This is Android-default behavior and not related to the issue described here.
Is there a way to check which apps have this requirement? One of the multi-factor apps that I need for my work only supports fingerprint access; if that stops working I’ll be forced to get a new phone.
@Marta_Artigas Does FP consider the possibility of writing your own firmware for the sensor that would raise its trustowrthiness? Or is the reason Google doesn’t trust it somewhere in the hardware and thus not fixable on the current hardware?
If the last years with prior Android versions are any indication, security update support for base Android 11 will end somewhen in early 2024.
Might be enough to bridge the time to the Fairphone 5 probably, but whether Fairphone have the resources to service 2 Android versions simultaneously, I don’t know.
(I don’t use the fingerprint sensor at all … and even if I would, I’m not using Fairphone OS, on custom ROMs not bound to Google certification the fingerprint sensor continues to be accepted as before. Banking Apps might not like custom ROMs, though. Tough call then.)
This is not true.
I have to use an app for authentication when logging in to certain webservices. It is only possible to use this app using my fingerprint and not by a pin or password.
This is a real problem for me and i dont have the time to backup all data on my device, so i can also not easily go back to version 11 without losing data…
No it is not possible, it requires a fingerprint sensor to work.
The app is called “Digitales Amt” and is used to access services related to the government. This also includes financial services from the government which makes it super annoying that it does not work…
it’s also used for digital signatures that i use very often.
This means, that this information will be better communicated to the user. That’s good. But it is not a solution to the problem.
Will there be any solution at all? Maybe by rolling out a different firmware to the fingerprint reader? Or a user-selectable switch to accept not-so-safe fingerprint readers for all apps?
Or anything else?
Any information about that would be helpful and end speculations.
Thank you very much!
Before people start downgrading by themselves … can anyone can say if the anti-rollback mechanism that bricked some FP4s now affects the FP3/FP3+ on Android 13, too?
hmh I am not sure but I suppose this firmware for that fingerprint reader is closed-source and not openly available source code. So fairphone might not have any rights to release modified firmware.
But regardless of that:
Since these security measures are implemented by Google, I can’t imagine how Fairphone could get around these security decisions without loosing Google certification and thus all Google-related things like GPS (Googl Play Services) and GMS (Google Mobile Services).
I use the LineageOS fork iodéOS and so far all my banking apps are working flawlessly even with fingerprint and Magisk Root activated.
But that might depend on every specifiv app, of course.
