Galaxy S8 Facial Unlocking Feature Can Be Bypassed With A Photo
When Samsung announced the Galaxy S8 and Galaxy S8+ yesterday, one of the rumors that turned out to be true was the inclusion of a sensor to allow for facial recognition.
This is aimed at reducing the impact of moving the fingerprint sensor to the rear of the device, removing the need for it to be used in order to securely unlock the phone. Of course, everyone understandably wondered just how secure this facial recognition would be, though. Can it be fooled into unlocking a device even when the person in question is not actually present?
As it turns out, the answer to that is a resounding “yes.”
As shown pretty conclusively by a new video being shared on the web, unlocking a Galaxy S8 or Galaxy S8+ could be as simple as waving a photograph at the device in question. In the video, a phone with a photograph of the person who secured the Galaxy S8 is used to fool it into unlocking, proving that a photo of the person who owns one of the new devices will be enough to unlock it.
At this point it is unclear to us whether this only worked because the photo was taken at the same kind of range and angle as a phone would normally see a person when it is being unlocked, but should that even matter? Or would a photo of a person taken from an angle, or further away have worked as well, for example?
Fans can pin their hopes on the fact that perhaps the phone / software combo is in a demo state for now, and that Samsung will have this patched and fixed up before the device ships out on April 21.
These are questions we may have to wait to be answered, and with the Galaxy S8 and Galaxy S8+ set to go on sale in a few weeks we should not have to wait too long to get that answer. For now though, we think the integrated iris scanner and that rear-facing fingerprint sensor may still be the best way to go.