March 12, 2019 By King
Facial recognition is not the most reliable form of smartphone authentication. The reason: It either doesn’t work, or it’s easily fooled by a photo or video of the owner – or even of someone completely different.
Apple’s FaceID has been cracked using a mask. Last year, Forbes’ Tom Brewster broke into Android phones using a printed head. All of the Androids tested opened with the fake, although Apple’s phone was impenetrable.
So it will come as no surprise that facial recognition on the Samsung Galaxy S10 is flawed. A smartphone reviewer known as Unbox Therapy on YouTube – AKA Lewis Hilsenteger – demonstrated last week that the smartphone could be unlocked by placing a video of the owner in front of the camera. This was backed up by people who did the same test at The Verge.
And it is not the first time this feature has been criticised. A security researcher called Jane Manchun Wong was able to unlock her brother’s device because the two had a similar appearance.
The reason for the flaw is that unlike its competitor Apple, Samsung doesn’t do the 3D face mapping which ensures the person isn’t actually a video or picture. According to TechRadar, it’s because there’s no space for the required sensors to carry this out in the Galaxy S10’s design: the front camera’s embedded into the screen, rather than in a notch.
So what should you do? If you are not put off already, don’t use the facial recognition feature on the S10. It’s there for show – and even Samsung doesn’t think it’s all that secure. When questioned by TechRadar, Samsung said people should instead use its new in-display Ultrasonic Fingerprint that unlocks only with your physical fingerprint.
Fingerprint scanners are much more secure, of course in combination with other security measures. Until facial recognition is more reliable, it probably shouldn’t be used to unlock smartphones.