Tuesday, Mar 19, 2024 | Last Update : 08:55 AM IST

  Technology   In Other news  01 Apr 2017  Samsung fails: Face unlock is not as secure as you think.

Samsung fails: Face unlock is not as secure as you think.

THE ASIAN AGE
Published : Apr 1, 2017, 1:04 pm IST
Updated : Apr 1, 2017, 1:04 pm IST

Samsung Galaxy S8’s ‘face unlock’ security feature was flawed; a video proved it.

The Face Unlock feature was ‘supposedly’ another mode of secure unlocking that Samsung is said to have put on its flagships.
 The Face Unlock feature was ‘supposedly’ another mode of secure unlocking that Samsung is said to have put on its flagships.

Samsung boasted about the face unlocking feature on the Galaxy S8 during the launch of the flagship devices in New York. The Face Unlock feature was ‘supposedly’ another mode of secure unlocking that Samsung is said to have put on its flagships. However, the feature, though an old one, was beaten after a video showing that a mere photograph of the user could help unlock the phone.

Face unlock is not a new feature — we have seen and used it in the past. The front camera is used for detecting the photo of a user and then match it with the stored profile picture on the phone. This match when confirmed, unlocks the phone. However, Google later went on to make the feature even more secure by adding another feature called ‘liveliness check’ to it. This new feature additionally checks if the subject facing the camera moves and blinks, making sure that the face unlocking feature is not bluffed with a mere photograph.

However, a new video that was released by a user named Marcianophone shows that the Samsung Galaxy S8 can be locked with a simple photo. He presented the photo of the user on his phone and flashed it at the Samsung Galaxy S8’s front camera and in a few seconds after he moved the photo around, the phone unlocked.

Face unlock is not as secure as you think. Even if the phone and the algorithms in the security software were to check for a smiling, blinking and moving face to check if the subject is a real person and not a photograph flashed in front of it, there are methods to fool the system. There are a couple of apps that can click a photo of the user and animate it with smiles and blinking eyelids. This makes the static photo look realistic.

But Samsung seems to know that face unlocking is not as secure as one thinks. This is the reason why Samsung has not added the face unlock authorisation protocol for Samsung Pay purchases. If you own a phone with the face unlocking feature, make sure you don’t use it as the authentication mode to unlock your phone or any data sensitive app with the feature.

Click here to watch the video where Marcianophone shows how the Samsung Galaxy S8 could unlock itself with a photo flashed on another phone that was placed in front of it.

Tags: samsung, galaxy s8, smartphone, face unlock, privacy, security, hacking