If you’re going to buy the Galaxy Note 8 this year, you should probably deactivate the face unlock feature. That’s because Samsung’s newest phone suffers from the same security problem as its predecessor. The phone can be unlocked with a photo. So if someone already has a picture of you, then it’ll be able to easily bypass the phone’s security when you’re not looking. In fact, even Facebook photos shown on a smartphone screen will do the trick.

It seems like a trivial thing, something that can’t possibly affect you, as the would-be attacker needs physical access to your phone to hack it. But it’s the principle of the thing. This is a feature that’s meant to secure your device and it has a major flaw.

If that sounds familiar, that’s because the Galaxy S8 suffers from the same problem. And it looks like Samsung didn’t do anything to fix it since launching the Galaxy S8.

Here’s the Galaxy Note 8’s security flaw in action.

If you’re wondering whether Samsung knows about the problem, you should know that it does. It’s very aware that face unlocks aren’t secure enough to be used with Samsung Pay, which is why its mobile payment system doesn’t support the feature. Apple’s iPhone 8 will also come with a facial recognition system, a first for the iPhone. But the handset will include 3D depth sensors that will prevent anyone from hacking the device with just a photo.

The Galaxy S8 and Galaxy Note 8 also come with iris scanners that are supposedly more secure than face unlocks. But hackers were also able to crack the Galaxy S8’s iris sensor not too long ago.

View Comments