The launch of the Samsung Galaxy S10 range of smartphones was greeted in a muted manner by HEXUS readers last month. Most of the comments on our launch article were smartphone users saying how they would stick rather than switch, as the intergenerational advances were judged to be marginal. This is despite Samsung putting its efforts into three variants of the Galaxy S10, the S10e, S10, and S10+. Perhaps too many of Samsung's best developers were stolen away by the Galaxy Fold project.
One of the big trumpeted changes delivered with the Galaxy S10 trio was the introduction of the Infinity-O Display to Samsung's flagship range (it debuted commercially in the A-Series). However, this change has had an unflagged consequence to the smartphone security. Thanks to the restricted space available, Samsung made the design decision to eschew its established face and iris recognition systems. In its place is a basic Face Unlock facility that might best be left disabled…
Hiding the selfie camera in plain sight
This morning I received an email from cybersecurity solutions company Tripwire. The firm's regional director of EMEA channels, Cary Gibbs, provided a rather damning statement about Samsung's new Galaxy S10 Face Unlock. "Vendors and manufacturers have a responsibility towards private individuals who purchase their products," opined Gibbs. "People who aren’t necessarily as versed in the technical details of the features their device offers may unknowingly leave their phones exposed to hacks by choosing forms of authentications they don’t know to be flawed."
In conclusion the Tripwire exec thought it imperative that Samsung "informs customers of the risks they may incur if they opt for face recognition as their main authentication method, and that Samsung advises consumers to opt for a more secure one." Luckily, all the Galaxy S10 phones also come with fingerprint recognition.
The 'flawed' authentication method has been demonstrated as such by several tech magazines in recent days. I've embedded the Unbox Therapy video showing off how easy it is to fool this authentication method - unlocking a phone he had set up with a previously recorded YouTube video clip. The presenter highlights the fact that Samsung's smallprint warns users that "Face recognition is considered less secure". However, even photos have been shown to be good enough to 'fool' the system, as have the faces of relatives and other not-so-similar looking people.