FACE recognition on the Samsung Galaxy S10 is not secure and could allow anyone to open the phone with a picture of the owners face.
Tech experts and recent buyers of the phone have found that it can even be unlocked by relatives or friends that look similar to you.
When Samsung decided that its Galaxy S10 would have an Infinity-O hole-in display, it meant that the device could no longer use the facial and iris recognition system that Samsung has worked on for years.
The Infinity-O hole-in display means that there is a circular punch hole cutout at the top edge of the screen and this is where the camera is situated.
Apple also wanted a completely ‘notch-less’ display on the iPhone X but had to admit defeat when it realised the hardware it needs for secure Face ID won’t fit in a waterdrop notch, and definitely not in a punch hole cut out.
There are now several videos on the internet proving just how easy it is to unlock the Galaxy S10 with a photo of its owner, even if the photo is on the bright screen of another smartphone.
Jane Manchun Wong, who is known for highlighting security vulnerabilities for fun, tweeted that she was able to unlock her brother’s Galaxy S10 with her face.
Owners of the new phone have also been complaining about it on Reddit with one user stating that his friend was able to unlock his phone with his face despite the pair not looking alike, with their only common feature being a beard.
How does Apple’s FaceID tech work?
Samsung’s facial recognition system for the Galaxy S10 is very simple compared to the one on Apple products. Here are the steps an iPhone takes:
- The phone will use various sensors to work out how much light it needs to illuminate your face.
- It then floods your face with infrared light, which is outside the visible spectrum of light.
- A dot projector will produce more than 30,000 dots of this invisible light, creating a 3D map of your face.
- An infrared camera will then capture images of this dot pattern.
- Once your phone has all that info, it can use your face’s defining features – like your cheekbone shape, or the distance between your eyes – to verify your identity.
- It computes a score between 0 and 1, and the closer it is to 1, the more likely it is that your face is the same as the one stored on your iPhone.
- Apple says there’s a one-in-a-million chance of someone else getting into your iPhone with Face ID, although the system has been tricked with twins.
- Still, it’s arguably better than the alternative: Apple’s Touch ID fingerprint scanner has a one-in-50,000 chance if being fooled.
Software company One Identity sales engineering director Patrick Hunter said: “Whilst facial recognition unlocking might be useful for the average home user, it should never be used in the corporate world.
“We have to decide whether the risk is worth the convenience with all types of security and, in this case, it is our responsibility to ensure that our devices are secured by the necessary authentication methods.
“It is one thing for someone to access your photos or send messages from your phone, but another thing if they can readily access your work email that contains swathes of valuable data, extract it and breach GDPR.”
Samsung has warned users that enabling ‘Face Unlock’ could make their smartphone less secure and said that the feature is there more for convenience purposes.
The Galaxy S10 has only recently become available for purchase and prices start at £769.