Samsung Galaxy S10’s Face Unlock Can Be Fooled By a Photo

Unbox Therapy

Samsung released its Galaxy S10-lineup recently and the devices have been making news since their release and now the Galaxy S10 is news again but for all the wrong reasons this time. Samsung ditched the IR scanner in favor of an in-display fingerprint scanner and camera-based face unlock technology. Unfortunately, the latter authentication method has turned out to be not so secure.

Unbox Therapy and The Verge were both able to bypass the face unlock authentication method on Galaxy S10 with the help of a video played back on another phone.

It is not clear as to whether these outlets disabled the faster recognition option, which boosts unlock speeds at the expense of security. Tech Website SmartWorld told Android Police that they disabled the feature when they were able to successfully unlock the device with a photo.

Jane Wong, an app developer and teardown specialist, reported that she was able to unlock her brother’s Galaxy S10 Plus with her face. This is not the first time a phone mistook someone else for its owner, and manufacturers usually warn users about the perils of using camera-based face unlock. But the issue with the Galaxy S10 is that it is able to unlock itself if presented with video playback of the owner’s face.

The camera-based authentication method is not very secure and has a history of problem related to security, going back to Android 4.0 Face Unlock in 2011. Back then, it was reported that the technology can be fooled using a simple photo.

Face Unlock using structured light and time-of-flight sensor has since become the norm for several flagships. These solutions are able to calculate facial details and contours, largely negating photo and video spoofing.

ALSO READ:

LEAVE A REPLY

Please enter your comment!
Please enter your name here