When Samsung announced that the Galaxy S8 had facial recognition, my first thought was “I hope it’s not easy to hack”.
After all, Android 4.0 saw facial recognition (dubbed ‘Face Unlock’) being introduced back in 2011. But this could be defeated with a photo. The next Face Unlock update searched for blinking eyes, but this too could be defeated.
So we’re a little disappointed to learn that Samsung may have a similar flaw in its implementation.
A Periscope user took a photo of himself with one smartphone, then showed the photo to a Galaxy S8. It took repeated attempts but the video shows the trick eventually working.
Samsung’s Galaxy S8 facial recognition has apparently been spoofed — better keep iris scanning enabled
It’s rather concerning if confirmed, so what does Samsung have to say about it then?
“The Galaxy S8 provides various levels of biometric authentication, with the highest level of authentication from the iris scanner and fingerprint reader. In addition, the Galaxy S8 provides users with multiple options to unlock their phones through both biometric security options, and convenient options such as swipe and facial recognition,” the company told Ars Technica.
“It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy S8 and currently cannot be used to authenticate access to Samsung Pay or Secure Folder.”