Skip to main content

Facial Recognition Has Major Flaw On New Samsung Phone

By April 22, 2017May 25th, 2021Technology News

Samsung, the world’s largest cellphone manufacturer, has a problem with their flagship offerings, the new S8 and S8+ devices. Both were released with a new facial recognition software the company used as an advanced security measure.

The idea was a thing of beauty in its simplicity. Advanced machine learning coupled with advanced image recognition routines allowed the company to create software that would allow the phone to recognize your facial features, using your face as the means of locking and unlocking your phone.

A lot of time and money went into developing the new scheme, which was seen as being on the leading edge of a new era in biometric security. There was just one problem. It only took hackers a few days to find a way to break it, and their solution was almost shockingly simple. They used online photos of the phone’s owner to trick the “smart” software into thinking they were the actual owner.

Yes, you read that correctly. A photo pulled off the internet was all that was needed to trick the phone into unlocking for any hacker who got ahold of it.

The software is, of course, smart enough to differentiate between a still photo and a living, moving, constantly shifting human face, but it turns out that the workaround for that was pretty simple too. You need but shake or jiggle the phone in front of the picture to give the image a sense of motion, and the phone dutifully gives up its secrets.

The company is reportedly working on tightening up their algorithm to help prevent this in the future, but at this time, there’s no ETA for when it might be forthcoming.

Fortunately, the company did not enable facial recognition for its Samsung Pay feature. So, although a hacker could gain near-total control of one of those Samsung devices in this manner, at least they would not be able to access the pay function and initiate rogue transactions. Still, this finding represents a black eye, and a significant step backwards.

Jason Manteiga

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.

Leave a Reply