SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
30 Mar 2018

Why face unlock is a bad idea

Authenticating with your face seems like a natural choice when it comes to smartphones. Talk about convenient — you were going to look at the phone anyway, right?

The smartphone industry as a whole seems to agree. Apple wasn’t the first company to come up with the idea of unlocking a smartphone with a face, but after Apple introduced it, in the iPhone X, the whole smartphone industry followed — as it always does.

Almost every phone showcased at Mobile World Congress 2018 had this function. It’s a really bad trend, and here’s why. Actually, I don’t think that face recognition is bad per se. Quite the opposite — done right, it’s probably better then authentication based on fingerprints or PIN codes. But the devil is in details. Describing how Face ID works, we mentioned the complexity of the recognition system: It involves a regular camera, an infrared camera, and a dot projector, as well as some machine learning, secure storage, and processing. Apple has put a lot of effort and money into making the system fast, secure, and reliable — and it’s charging a nice premium for that, selling the iPhone X for $999. That price point causes a dilemma for other smartphone makers:

Their devices typically sell for quite a bit less, but they also have to keep up on features and specs. They start by trimming things that won’t be missed right away: a cheaper speaker here, slower storage there. Maybe leave out the infrared camera and the dot projector from the face-unlock module — but keep the function; it’s a selling point, after all.

The ability to use your face to unlock your phone is a feature highlighted in marketing materials, but ad copy doesn’t tend to delve too deep into how it works. Perhaps those companies don’t want to explain too clearly how they made their facial authentication significantly less advanced, less reliable, — and less secure. In most cases, an inexpensive phone’s facial recognition relies on just the front-facing camera and some not-so-advanced algorithms, maybe using a flash to take better photos. But a regular 2-D camera without an IR sensor or dot projector can be easily fooled by photos (for example, snagged from a social media profile) printed on paper or shown on a screen.

Even some of the better ones are likely still susceptible to fakery using 3-D printed masks. Even Apple’s Face ID was fooled by an “evil twin” mask attack, but phones relying on simple photos are simple gatekeepers. Not that bad, but also really bad The widespread use of face unlocking without adequate hardware will result in lower security overall for modern phones. Fortunately, for now it isn’t usually the default authentication method — codes or fingerprints are more common.

And some manufacturers use more secure systems, such as iris recognition, that are harder to fool. However, face authentication is trendy, so I expect more and more users of cheap Android phones to switch to it (Anything your iPhone can do, my phone can do, too — and at a tenth of the price!).

We highly recommend carefully checking the details of your phone’s face recognition method before enabling it. It must be really secure and not fall for photos or masks, or leak your data, or process data insecurely. Fingerprint authentication isn’t magically infallible, but at this point, it’s more secure — and a six-digit PIN is probably your best bet for now.

Tags:
data protection trends
Source:
Kasperky Daily
2288
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015