Samsung’s Galaxy S10, S10 Plus, and S10e are packed to the brim with everything and anything you’d want in a phone. Everything, that is, except the kind of secure face unlock technology that rivals Apple’s Face ID. The S10 and S10 Plus instead use an ultrasonic fingerprint sensor under the display as a secure biometric authentication method, while the S10e relies on a sensor on the side of the phone.
All three phones do have a face recognition feature that scans your face to unlock the phone, but unlike the iPhone, Samsung states this technology is not secure — it’s purely meant for convenience. It’s fast and indeed a handy way to unlock the phones, but in its default state, it’s incredibly easy to fool.
Setting up face recognition
If you want a secondary way of unlocking your phone, you can enable face recognition by heading to Settings > Biometrics and security > Face recognition. Now when the screen on any of the S10 phones turns on, you’ll notice a light circling the hole-punch camera (the selfie camera floating on the screen at the top right). This means the camera is looking for your face, and once it finds it, the phone will unlock. You can set it to jump straight to the home screen by toggling off Stay on Lock screen.
The problem is the technology is very basic, and that means it’s not very secure. A simple trick of showing the camera a photo of your face — printed out or on another phone — will fool it to unlock the phone. Just take a look at our test in the tweet below:
So yeah, the #GalaxyS10 can be unlocked with an image of your face. BUT go into Settings > Biometrics and Security > Face recognition and toggle off "Faster recognition." Haven't been able to fool it with an image since, and the speed difference doesn't feel that much slower. pic.twitter.com/n13sEmn8mt
— Julian Chokkattu (@JulianChokkattu) March 7, 2019
We’ve pointed images of our face toward the Galaxy S10’s selfie camera, and it never fails to unlock. That’s a little alarming, even if Samsung does state clearly that facial recognition isn’t secure. Face recognition on the S10 series will still never be secure enough to use as an authentication method for sensitive apps, but there is a way to make it less easy to spoof.
Slightly more secure
In Settings > Biometrics and security > Face recognition, toggle off Faster recognition. What this does is make face recognition a little slower but a little more secure, so it won’t be fooled with just a photo of your face. Next to the Faster recognition option, it does warn, “Faster recognition improves speed but reduces security, increasing the possibility of a video or image being incorrectly recognized as your face.”
We’ve turned it off and then tried to spoof it with the same test as before, but the phone wouldn’t unlock whatsoever. The difference in speed is also negligible. Now, we’re not saying it won’t be susceptible to any kind of spoofing, but it should offer just a little bit more peace of mind if you still want to use face unlock.
Ultimately, if the security of Samsung’s face recognition worries you one bit, it’s likely a better idea to not use it at all, and just stick to the fingerprint sensor.
- Galaxy S10, S10 Plus, or S10e: Key settings you need to change
- Samsung beefs up just about everything in its Galaxy S10 smartphone range
- Samsung Galaxy S10 vs. Google Pixel 3: Can Samsung beat the stock Android king?
- Samsung Galaxy S10 vs. S10 Plus vs. S10e vs. S10 5G: Which should you buy?
- Samsung Galaxy S10e hands-on review