Galaxy S9 Intelligent Scan Is A No Match For iPhone X Face ID, According To Security Researchers
Samsung’s Intelligent Scan, used in the Galaxy S9 and Galaxy S9+, is apparently just not up to snuff according to researchers, with Apple’s Face ID besting it thanks to that TrueDepth sensor that lives in the notch.
Facial recognition for smartphone security is nothing new, although Samsung does have a chequered past with it. The system used in the Galaxy S8 was notoriously easy to fool with nothing more than a photograph, and with Apple’s Face ID proving so secure and, importantly, fast, all eyes were on Samsung to see how the Galaxy S9 would fare.
When the company announced its new flagship in Galaxy S9 and Galaxy S9+, it made a lot of noise about its improved facial recognition system. According to CNET though, that is not entirely accurate.
According to the report, Samsung is using the same 2D facial recognition system that it used previously, then moving on to an iris scan if required. Beyond that, an attempt to authenticate against both at the same time will be made with the result being that the phone should unlock more quickly than previous Galaxy S handsets, but it will not be more secure. It would seem that speed of unlocking has been an aim for Samsung this year rather than trying to target security.
“They want to provide some level of security but also make it easy and effective for you to get into the phone,” said Andrew Blaich, a researcher with mobile security company Lookout. “This is probably trying to play catchup with how smooth the user experience is for the iPhone.”
Just as if to add insult to injury, the person who defeated the iris scanner in the Galaxy S8 last year has said that he doesn’t see much point in even bothering with the Galaxy S9 because it is essentially “the same system.”
Jan Krissler, a security researcher known as “Starbug” with the hacking group Computer Chaos Club, exposed the Galaxy S8’s weaknesses last May when he fooled Iris Scan with a photo and contact lens. He said his group’s not interested in trying to crack Intelligent Scan if there’s nothing new.
“There is no fun in hacking just a new release of the same system,” Krissler said in an email.
Ouch, that’s cold.
Since Samsung doesn’t allow Samsung Pay transactions to occur over its Intelligent Scan like Apple does with Face ID on iPhone X, that probably says it all about security of the two systems.