Source: Samsung Galaxy S10's Facial Recognition Easily Fooled by a Digital ImageFace Unlock has been around since as early as Android 4.0 under the monicker of Trusted Faces. The feature didn’t get much attention until Apple ‘reinvented’ it with the iPhone X. Now, the feature has found its way to just about every phone released in 2018 and is little more than marketing fluff (along with Dual Camera, Octa Cora Processor and the likes.) Unlocking your phone via facial recognition is inherently insecure, and Android has always made it a point to let their users know about it. Last year, the OnePlus 6 ran into a similar issue, where the phone could be unlocked via a printed version of the users face. The Samsung Galaxy S10 seems to have into similar problems, as demonstrated by popular YouTuber Unbox Therapy
As demonstrated in the video above, the Galaxy S10 could easily be unlocked via a YouTube video of the user displayed via another phone. Lewis (Unbox Therapy) was first made aware of the problem by his editor and was able to reproduce it multiple times in the video. Although it isn’t much, Samsung does specify that using your face to unlock the phone is insecure and that you’re better off using your fingerprint.
Before the Galaxy S10, Samsung phones used a hybrid between facial recognition and iris scanning to unlock the device. The method was both unreliable and slow, resulting in the Galaxy S10 getting its own version of ‘Face Unlock’ The method is was, and will continue to be a security risk, even in the foreseeable future, but at this point, it is on the long list of features that have to be present on a phone for it to sell. Face Unlock needed to die yesterday, but here we are stuck with a gaping security hole that exists solely to give smartphones ‘cool points’. I’ve got to hand it to Apple for implementing the most secure version of the feature yet and hope that other OEMs follow suit.