Samsung Patents a Way to Unlock One Device Using Another's Biometric Scan
What if your phone's face scan could vouch for your smartwatch, TV, or laptop — without you having to re-enroll your biometrics on every device? That's the core idea in this Samsung patent.
What Samsung's cross-device biometric handoff actually does
Imagine you've already set up face or fingerprint recognition on your Samsung phone. Now you sit down at your Samsung smart TV or put on your Galaxy Watch — and instead of scanning your face again on that second device, your phone does the heavy lifting and vouches for you behind the scenes.
That's essentially what this patent describes. Your first device (say, your phone) takes your biometric data and generates a kind of signed credential — a digital package that says "here's proof this person authenticated." It sends that package to a server, then broadcasts its own ID over the air. Your second device picks up that broadcast, contacts the server to get the signed credential, collects a quick biometric reading of its own, and sends both back to the server for a final verification check.
The clever part is that neither device shares your raw biometric data with the other — everything is hashed and signed, so the actual fingerprint or face scan never travels across the network in a usable form.
How the biometric signature and hash flow between devices
The system involves three actors: a first electronic apparatus (the trusted, already-enrolled device), a second electronic apparatus (the device trying to get authenticated), and a server acting as the trusted intermediary.
Here's the step-by-step flow:
- Device 1 combines the user's biometric data with its own device ID to produce biometric signature information — a cryptographically protected credential — and uploads it to the server.
- Device 1 then broadcasts its device ID locally (think Bluetooth or a similar short-range signal).
- Device 2 catches that broadcast, sends the device ID to the server, and receives the biometric signature in return.
- Device 2 then takes its own biometric scan of the user (the "second biometric information"), combines it with the received signature, and generates biometric hash information — a one-way fingerprint of the combined data.
- The server compares that hash against its records and either grants or denies authentication to Device 2.
The use of hashing (a one-way mathematical transformation that can't be reversed) means the server never needs to store or transmit raw biometric data. The two-step design — signature from Device 1, hash from Device 2 — means a compromised server alone can't reconstruct anyone's biometrics.
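The flow above as a runnable sketch with all three actors. This is an added example, not code from the patent or from Samsung. Assumptions: each biometric reading is already reduced to a stable byte template (real sensor readings are noisy), HMAC-SHA256 with a per-device key stands in for the unspecified signature scheme, and the server's "records" are an expected hash that Device 1 uploads alongside the signature; every name here is hypothetical.

```python
import hashlib
import hmac
import secrets


class Server:
    """Trusted intermediary: stores signatures and expected hashes, never templates."""

    def __init__(self):
        self.pending = {}  # device_id -> (signature, expected_hash)

    def upload(self, device_id, signature, expected_hash):
        self.pending[device_id] = (signature, expected_hash)

    def fetch_signature(self, device_id):
        return self.pending[device_id][0]  # the expected hash is never sent out

    def verify(self, device_id, candidate_hash):
        # pop() makes each credential single-use, pass or fail, so a
        # captured hash cannot be replayed for a second unlock.
        record = self.pending.pop(device_id, None)
        return record is not None and hmac.compare_digest(record[1], candidate_hash)


def device1_sign(device_key, device_id, template):
    """Device 1: bind the biometric template to the device ID (HMAC stand-in)."""
    nonce = secrets.token_bytes(16)  # fresh per handoff
    digest = hashlib.sha256(template).digest()
    tag = hmac.new(device_key, device_id + nonce + digest, hashlib.sha256).digest()
    return nonce + tag


def biometric_hash(signature, template):
    """One-way hash over the signature plus a device's own template."""
    return hashlib.sha256(signature + template).digest()


def handoff(server, device_key, device_id, template1, template2):
    """Run the whole flow; True if Device 2 is authenticated."""
    sig = device1_sign(device_key, device_id, template1)
    server.upload(device_id, sig, biometric_hash(sig, template1))
    # Device 1 broadcasts device_id; Device 2 hears it and asks the server.
    received = server.fetch_signature(device_id)
    return server.verify(device_id, biometric_hash(received, template2))


if __name__ == "__main__":
    key, alice = secrets.token_bytes(32), b"constructed-template-alice"
    print(handoff(Server(), key, b"phone-01", alice, alice))            # True
    print(handoff(Server(), key, b"phone-01", alice, b"someone-else"))  # False
```

Because Device 2 only ever receives the signature, the server has to hold a verifier that cannot be derived from that signature alone, which is why the expected hash stays server-side in this sketch.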
What this means for Galaxy device ecosystems
For Samsung, which sells phones, tablets, smartwatches, TVs, and laptops under the Galaxy and Tizen umbrellas, frictionless cross-device authentication is a meaningful UX advantage. If your phone can silently vouch for your TV or Galaxy Ring, you get the security of biometrics without the annoyance of re-enrolling every gadget you own.
There's also a privacy angle worth noting: by keeping raw biometric data off the wire and using cryptographic hashes instead, Samsung is designing around the most sensitive part of the problem. That matters as regulators in the EU and US increasingly scrutinize how companies store and transmit biometric identifiers. Whether this specific approach satisfies frameworks like GDPR or BIPA is a legal question — but the architecture shows awareness of the landscape.
This is solid, practical engineering — not flashy AI, but the kind of plumbing that makes a multi-device ecosystem feel like one coherent product. The cryptographic design is thoughtful, and given how aggressively Samsung is expanding its device portfolio, this kind of seamless auth layer could quietly become a meaningful differentiator versus Apple's own ecosystem lock-in.
Editorial commentary on a publicly published patent application. Not legal advice.