FAIRPHONE 3 and 3+ A13 - Fingerprint sensor update

For all we know it’s just one single app so far: App "Digitales Amt"
And the way I understand their FAQ it’s possible to use the federal services offered via app also via browser, but I’m not sure here.

I just hope that everyone who complained here about that app no longer working also contacted the app developers/the government body responsible for the online services. Otherwise, how would they learn that some users can’t use the app like designed? So that they at least can extend their FAQ about this issue, or even better implement a fallback for a future version.

I agree for situations where I’m sitting at my desk and have all the time in the world to e.g. confirm a 2FA secured login or banking transaction.

But I really don’t want to type my long master password of the password manager app in order to copy the app password of my carsharing app in order to open the car in front of me in the middle of heavy rain where the raindrops interfere with typing on the touchscreen.

2 Likes

Here are the new release notes, including the notice about the fingerprint reader: https://support.fairphone.com/hc/en-us/articles/360048139032-FP3-Fairphone-OS-release-notes#h_01GMTQRVTY2YE5ZNSBP6WXP2AH

  • Please note: due to updated Android security requirements, the fingerprint sensor at the back of the device can no longer be used to log into certain apps with higher security requirements, such as some banking apps. The fingerprint sensor can still be used to lock and unlock the device itself and the affected apps can still be accessed using a PIN or password for login.

The link can be found in the notes of the update, which I received this morning (FP3. Carrier service: Pepephone, in Spain). Here is a screenshot of the English version:

2 Likes

never seen an app with ONLY fingerprint reader as option! You’re right.
But what are the options you’re working on? Sensor replacement? Your DNA is modularity…?
Please keep us posted…thx

More infos about an upgraded Fingerprint-Modul:

In my eyes just standard-support-blabla and not really an answer.
For me its somehow frustrating. I think, if you can’t fix it in software, changing the Fingerprint-Modul is the only correct and secure solution for this problem. Whats the point of making a phone modular if you just don’t use the full potential.

For me this case is closed.
I check out the next weeks how much this issue sucks me and then live with it or try LineageOS or go to a new phone. Maybe a FP5 because i like the fairphone-spirit, but i need to rethink this first.

7 Likes

Officially by a fairphone employee? If so I can’t find the posts. :thinking: I will look again.

Agreed. I guess that will be early 2024?

I can’t argue with that. You are right.

Thanks for posting your reply from FP . Reply skipped over your question entirely. Everything they told you, we already knew thanks to this community and the guardian angels.

I’m dissapointed with this developement, but it is what it is.

Is it possible to downgrade to A 11 without loss of data?

No sadly :frowning: . . . . . . . .

Not under normal circumstances, because under normal circumstances the bootloader is locked. Unlocking it to do the manual install will wipe user data for security reasons, locking it will do the same.


(Even with an unlocked bootloader there’s still Android rollback protection, which will force a data wipe after a downgrade to an older Android version for security reasons. I know that an older security patch level will trigger this, but the patch level of the last Android 11 release and the new Android 13 release seem to be the same - June 5. What I don’t know so far is whether this would be triggered because 11 is an older version than 13.)

6 Likes

The message is ‚officially‘, not the poster, as this is a user forum.

2 posts were split to a new topic: FP3 Android 13 not possible to enter OEM unlocking code

That may be nitpicking, but you paid for a functional fingerprint sensor and you still have a functional fingerprint sensor with Android 13. Trust and other Android security features are subject to sudden changes by Google. A similar problem could have happened on Android 11, for example through a Chrome API change.

I agree that Fairphone has not suffciently communicated this problem. But overall I still appreciate the upgrade to Andoid13 and extended security lifecycle of my FP3.

3 Likes

A fairphone employee started this thread.

Apparently the changes happened with Android 12.

2 Likes

The UI design changes came with Android 12.
I don’t think the fingerprint issue did. A number of users are using Android 12 for a while already in the form of custom ROMs like /e/OS and others, me too. And while I’m not using the fingerprint reader, I frequently browse the /e/OS forum, too, and at least I haven’t seen this issue come up. Since banking Apps are in wide use and a constant sore point when using custom ROMs, users are quick to point out any trouble with them, so this issue should be somewhat prominent over there, but it isn’t (… yet?). (Edit: Wrong assumption, brain malfumption :face_with_spiral_eyes:)

1 Like

You are not a Fairphone employee either, but are allowed to post here :wink: .

The discussion of who started this thread ‘Fairphone’ [Marta_Artigas] seems very off topic

The fingerprint issue would have been in A12 as well. This is from the beta testing issue by an FP employee

This issue occurs due to updated biometrics test requirements in Android 12 and 13 compared to older biometrics test protocols. Under the new test protocols, Fairphone 3 does not comply with the strong requirements that are necessary for using biometrics (i.e., the fingerprint sensor) for unlocking secure data and credentials on the phone (i.e., Android keystore).

The fingerprint sensor can still be used on the Android lock screen and most other apps.

Custom ROMs don’t need to pass the Google test protocols so they can simply declare the fingerprint hardware to comply with the new requirements (or maybe they just don’t need to change the hardware declaration to a lower standard, I don’t know how it’s done technically).

4 Likes

Ah, thanks for this, I think I can see my error :person_facepalming:.
Either /e/OS was saved until now because Google’s change came and was nullified in LineageOS 20 (Android 13) while the latest /e/OS was and is still based on the abandoned LineageOS 19 (Android 12), or /e/OS developers could of course have handled it proactively the same way so it wouldn’t affect /e/OS.

I don’t know what those values in the config.xml mean, but in LOS there was one change from “0:2:15” to “0:2:255” marked as “Downgrade the biometrics security to WEAK” and later this was reverted back from “0:2:255” to “0:2:15” (your link).

In /e/, there was no change after the “0:2:15” was initially added in FP3: Add fingerprint configuration to overlay (5a9506da) · Commits · e / devices / android_device_fairphone_FP3 · GitLab

So I guess my “or maybe they just don’t need to change the hardware declaration to a lower standard” assumption was correct. The fingerprint config initially got added and marked as “strong” and that config just stayed untouched.

1 Like

For the reasons I stated earlier in the thread, this change simply means a new phone for me, whether or not it was communicated well.

But IMHO communication still leaves much to be desired: the release note underplays the issue (FP sensor is really important to some people), and is disingenuous about the consequences (not all apps have PIN fallback).

But there is more information I would expect: why was the reader downgraded in the first place? Is it itself insecure? Has Fairphone taken any precautions to reduce the chance of things like this happening in the future?

And why is there no replacement available? I can only assume this was considered, and a certain loss of formerly happy customers was chosen rather than the financial risk of an upgrade path out of this issue.

Unfortunately for me, I am one of those customers, and after almost 10 years of using the FP1, FP2, and FP3, I have just now ordered a non-fairphone phone. I’ll update this one to A13 when the replacement has arrived, and fill in some of my fingerprint-using apps in the overview thread. Then it’ll probably become a playground model for trying out things like /e/, but I can no longer consider Fairphone phones fit for my daily use.

I’m glad for whoever doesn’t mind this change, and wish them many more years of happy FP3 use. I also wish Fairphone the best. But I’m done.

7 Likes

Instead of having a useless phone just go experiment things from time to time and stays in a drawer most of the time, maybe you could think about resell it to give it a second life.

1 Like