The screen lock feature in the Samsung Galaxy S10 that is based on face recognition can be easily bypassed using a photo or a video of the owner.
The discovery was made by users and tech reviewers that demonstrated how to bypass face recognition screen lock implemented in the Samsung Galaxy S10 model. Even if in the past there were reported several cases of facial recognition lock bypass, new generation devices (Samsung Galaxy S9, S9 + and Note 9, Apple iPhone XS, XS Max and XR) promises better efficiency for their systems. Recent discovery demonstrates the opposite.
“The S10 does have a face unlock feature, but it’s just using the camera to look for your face and compare it to a previous image — there’s no 3D mapping or anything. I was actually able to unlock the S10 with a video of my face played on another phone.” reads a review published by The Verge.
The trick could be exploited by a local attacker to unlock the device and access users’ private info.
Samsung and other vendors warn that face recognition is less secure than other lock methods and they don’t exclude that someone who looks like the device owner or who uses an image of his face could unlock the phone.
Another aspect to consider is that face recognition might not recognize the owner if there are major changes to their appearance. Heavy makeup, the use of glasses, facial hair changes could interfere with facial recognition.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.