Samsung Galaxy S8 Facial Recognition Fooled By Digital Photo
YouTube user Marcianotech had a chance to check out Samsung's Galaxy S8 at the phone's launch event last Thursday, and after only a few minutes spent with the device was able to firmly defeat the phone's facial recognition function using a digital photo taken on another Galaxy S8.
The bottom line on this news is fairly unsurprising: Samsung's facial recognition seems to be based on basic image fingerprinting, and since image fingerprinting relies on two-dimensional cameras, they can be bypassed with two-dimensional images.
Because of this inherent flaw in the software's design, some facial recognition software adds in extra layers to detect movement, such as requiring a user to deliberately blink in front of the camera. For the S8, such is not the case.
In a statement to ArsTechnica, the Samsung asserted that the phone's facial recognition is only used for device unlocking, and plays no function in more security-sensitive tasks.
"The Galaxy S8 provides various levels of biometric authentication, with the highest level of authentication from the iris scanner and fingerprint reader. In addition, the Galaxy S8 provides users with multiple options to unlock their phones through both biometric security options, and convenient options such as swipe and facial recognition. It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy S8 and currently cannot be used to authenticate access to Samsung Pay or Secure Folder."
Have you managed to unlock a Galaxy S8 using a digital photo? While you're in there, why not install one of our Best Android Games?