The previous generation of Samsung’s face unlock system used an iris scanner, but the firm ditched that specific design element in the S10 series in favour of its cut-out selfie camera.
Now, it seems that this decision has come back to haunt users (and their likeness).
No ad to show here.
A video published by AndroidWorld.it demonstrates this vulnerability in detail. To unlock the Samsung Galaxy S10, S10e or S10 Plus, it seems that all a user need do is hold up a photograph or video of themselves to the phone.
Others have noted this too. While AndroidWorld used a still image on another device, Unbox Therapy detailed late last week unlocked the device using a video playing on a another device.
Hell, according to some, you can unlock the device with your friend’s face. A user on Reddit’s r/Android sub detailed this phenomenon.
“I hand it to him locked. It suddenly unlocks with him! I thought maybe the camera spotted my face when I was handing it to him. We lock it again and bam, as soon as he presses the power button it unlocks,” u/perr0 writes.
“I then go to setting and uncheck the option for ‘Faster recognition’ on settings. Try again and to my surprise it unlocks right away!”
We’ve seen other phones have issued with face unlock security in the past. The Huawei Mate 20 Pro was especially vulnerable to spoofing. While even Samsung’s own Galaxy S8 had its share of issues.
But this problem is specifically annoying for Galaxy S10 users, largely thanks to the few other reliable authentication methods available.
The new ultrasonic fingerprint reader, located under the display, isn’t as reliable or quick as traditional fingerprint sensors.
As as a user of the S10 Plus for the past two weeks, I’ve found that face unlock on this device is most reliable way to unlock it quickly. Generally, face unlock isn’t advised, but for many it’s the only real option here.
Samsung has yet to comment on the face unlock issues.
Feature image: Samsung