During the Galaxy S8 hands-on, the channel blogger @marcianophone was surprised by a security flaw regarding facial recognition of the device. When trying to unlock the S8 using a selfie, did the device recognize the image as the blogger's face scanner and successfully unlocked the device? We contacted Samsung and here you can check Samsung's response to the vulnerability.
Reviewing the official video of the new Galaxy launch event at precisely 25 minutes, Justin Denison, Samsung's senior vice president of product and strategy, presents the new security options present in the handsets. Three highlights were biometric authentication features: iris scanner, fingerprint reader and face recognition. During this speech, incidentally, said one of the best phrases of the presentation: "Not just enter a password, you are the password!".
And without a mistake, in fact reported that facial recognition is one of the example of easy and fast lock screen, which he called convenient. Incidentally, the words "Instant Access" appear on the presentation screen during this speech. Right now, you think face recognition would be the best screen unlock you can have: safe and fast, after all "you're the senator."
However, someone going there using a picture of the user's face registered in the device's system can unlock the device in seconds without at least one wrong attempt. Here's how easy it is to unlock the Galaxy S8 using a still image at 20 seconds of the video below:
Samsung Europe Official Statement
After viewing and reviewing this video over the weekend, I decided to contact the Samsung team to find out how it would be possible to unlock the device using the user's photo. Below you can check the manufacturer's official statement:
"The Galaxy S8 and S8 + offer various levels of biometric authentication, with the highest level of authentication associated with the iris scanner and fingerprint reader. In addition, the Galaxy S8 offers users multiple options to unlock their devices using biometric security and convenient features like Swipe and facial recognition.
It is important to reiterate that face recognition, while convenient, can only be used to unlock the Galaxy S8 or S8 + and currently cannot be used to authenticate access to Samsung Pay or Secure Folder. "
As you can see above, at no time does the manufacturer recognize the issue as using a demo version or beta software. However, it is clear that for security reasons, "face recognition can only be used to unlock the Galaxy S8, and cannot be used to authenticate access to Samsung Pay or Secure Folder".
Incidentally, as with the Unpacked event, I was informed that facial recognition software is intended to be used for convenience and speed over security, and that this information is presented to users when setting up the face recognition option for the first time. as lock screen mode.
How reliable is Galaxy S8 facial recognition?
If a simple still photo is capable of unlocking the device, the lock screen option based on face recognition is unreliable.
At the system level, a face scan is performed and a full-face image of the user of the device is captured, using the front camera to combine specific details of this image with those of the person in front of the camera lens at the time of screen unlock. This method works much faster than any other unlocking method because of the image signal processing performed by the Galaxy S8's advanced CPU, in conjunction with the camera's 8MP front camera auto focus.
This new option came with the release of Galaxy Nexus in conjunction with Android 4.0 in 2011. As the mode had security flaws, it was removed from the stock option list of Android. At the time, Google developers still tried to optimize the feature by requiring the user to blink to prove its "presence", but the attempt proved inefficient after some testing with image editing software such as Photoshop.
Opinion by Camila Rinaldi
If you want convenience, configure the Smart Lock feature.
Honestly, after all that has happened with the Galaxy Note 7 and the promise of safer investment by all Samsung executives, the choice of bringing between security modes a method that can be circumvented within seconds shows me that The manufacturer does not appear to be serious about its own market situation.
Samsung's face recognition is not convenient, it just seems to me to be another way to talk about the shift from the digital player to the back of the device and causing discontent among the brand fans.
So be realistic, if you want convenience, set up the Smart Lock feature, and press for security using screen locks such as a fingerprint reader, iris scanner, PIN or password. Otherwise your privacy will be compromised, not necessarily in the event of theft, but still very close to you, at home or at work.
Finally, I hope this option will no longer be available after the handset arrives on the market from April 21st.
(tagsToTranslate) scan iris galaxy s8 (t) how to unlock galaxy s8 using iris scanner (t) problems with galaxy s8 iris scanner