Samsung Galaxy S8 • Software/Apps Disadvantage
  • 2
  • 0

The Samsung Galaxy S8 and S8+ come with a face recognition system. However, this system has already proven to be insecure. This means that people who you haven't authorized to use the device can unlock your phone by using a photo of your face and fooling the face recognition system to believe that you are the owner of the phone. The Galaxy S8 then just unlock the phone and give full access to that person. The thing is that nowadays it's very easy to get face images of people by just visiting their Facebook account and downloading their selfie images. We all know that selfies are very popular nowadays and many people take selfies.

This makes the face recognition unlocking system very insecure and I personally wouldn't have used it at all. It's much better to use the iris scanner or fingerprint reader option to secure your data on your phone. The fingerprint scanner is relatively very secure and this is why it is used in Samsung Pay to authorize a transaction. I remember seeing the same embarrassing issue with Android "liveness" check a few years ago.

In the video above posted by Marchanotech YouTube user, you can see how the guy who posted this video tricks the Galaxy S8 into believing that the guy in the photo is the owner of that Galaxy S8 unit. The Iris scanner is obviously much more secured and works like a fingerprint with very detailed scanning so it will be almost impossible to fake. This is why there are many companies who use iris scanning to secure important assets. Maybe the combination of the two could have provide even more secure results.

This test was done using a pre-production model from what I've read, I'm interested to see if Samsung could do something to address this issue, because if it stays like that, nobody would use this photo, at least anyone who is aware of this security issue.

importance ranking: #1 in the 'Software/Apps' category and #6 among all categories for Samsung Galaxy S8 device

User Opinions

2 Comments
  • You know what's the funny thing is? this feature is mentioned under the security tab in the official Galaxy S8 product page on samsung.com. It's actually the first thing I thought about testing if I get the S8, but somebody already did it. I knew it will be problematic, but I thought that maybe Samsung did a magic trick with an algorithm that suppose to detect if it's a fake face image and not the real person in front of the phone. I have no doubt that a new update will fix this thing, but until then it's an issue. I hope that Samsung will solve this by the time the phone is released.
    1ReplyFlag
  • It also made me wonder whether people can trick the iris scan as well, but I don't think so. After all, there are plenty of high resolution selfies online, but maybe the scanning technology is different and doesn't adhere pictures with a photo of the phone's owner. I've read that people doing the V sign in photos isn't safe because people can extract fingerprint information from a high-resolution image and use it as a security breach. This is why I think that it might be possible to do so with the Iris scanner as well.
    1ReplyFlag