Samsung Galaxy S8 Facial Recognition Security Reportedly Bypassed with Photo
Samsung has freshly launched their flagship Galaxy S8 and S8 Plus smartphones on Wednesday, touting new security features including a facial recognition and iris scanning system that unlocks the phone instead of the usual fingerprint and keypad code unlocking methods. These biometric systems are becoming more popular and are being integrated into more consumer devices as they are viewed as safer and harder to forge than fingerprint verification…that is, if it is implemented correctly.
During a showroom hands-on demo at the Galaxy S8 launch in New York, MarcianoTech tested the facial scanning system while on a live periscope stream which showed that he was able to bypass the phone unlock by simply holding up another phone with a photo of his face on the screen, taken from another Samsung phone. The original video is in Spanish and begins around the 5:00 minute mark of the 41:51 minute long live stream. YouTube channel iDevice Help has isolated that section of the live stream and put it up on YouTube:
The security flaw is quite embarrasing for Samsung’s latest flagship phone series to say the least as being able to separate a real face from a photograph is one of the first factors biometric security software should be able to look out for. Only the facial recognition test was tried with a photo and MarcianoTech did not proceed to test whether the Iris scanner can be fooled with a photo as well. Expect many publications to conduct their own testing within the next few days however.
