Tag: Weakness

Summary created by Smart Answers AIIn summary:Tech Advisor reports that 64% of smartphones tested since 2022 have facial recognition easily fooled by a simple 2D photo, affecting major brands like Samsung, Motorola, and Oppo.This security flaw exposes personal data including photos and emails, though it cannot approve mobile payments or access high-security features like Samsung Wallet.Users should opt for PINs or fingerprint systems instead, as Google Pixel and Apple iPhone models with 3D facial recognition offer better protection. UK-based consumer choice organisation Which? has highlighted a shocking shortfall in security that affects almost two-thirds of modern smartphones. Which? reports that of the 208 phones it has tested since 2022, a staggering 133 (that’s a clear majority of 64%) could have their facial identification systems fooled by a simple 2D photo. The list of brands that fell foul of this crude bypass method is extensive, including Asus, Fairphone, Honor, HMD, Motorola, Nokia, Nothing, OnePlus, Oppo, Realme, Samsung, Vivo and Xiaomi. While the report points out that budget and mid-range models are the main weak points here, it’s not exclusively a cheap phone problem. Flagship handsets such as the Oppo Find X9 Pro, the Motorola Razr 50 Ultra, and the Samsung Galaxy S25 range all failed the test. The year 2024 was particularly bad in their reckoning, with 72% of the phones tested falling foul of the 2D photo hack. Android models that did pass this test include recent Google phones, such as the Google Pixel 10, Pixel 9, and Pixel 8, as well as the recent Samsung Galaxy S26 series. Apple’s iPhone range obviously passes with flying colours, having pioneered proper 3D facial recognition technology. The likes of the Honor Magic 8 Pro (pictured below), meanwhile, is one of precious few phones to adopt a similarly advanced biometric system. Chris Hall / Foundry Time to face facts This is not a new issue, of course, and most Android phones that fail this test will offer a warning message when you set them up. However, Which? has noted its concern that some manufacturers aren’t doing enough to apprise users of the inherent weakness of non-3D facial recognition systems. It picks out Motorola, OnePlus and Nothing, in particular, as being prominent brands that don’t offer a sufficiently clear upfront warning of the drawbacks to their facial recognition systems. While it’s not possible to use these insecure facial recognition systems to approve mobile payments, they still grant access to personal data such as photos, private messages and emails. The latter, in turn, could grant potential thieves the ability to reset account passwords. The simple answer to this security weakness, for anyone with an affected phone (which is most Android users), is to not set up face-based access at all, and to lean on good, old-fashioned PIN and fingerprint systems. Alternatively, many Android phones make it possible to lock sensitive apps such as WhatsApp behind these more secure entry mechanisms, so that 2D facial recognition only gets you as far as your Home Screen. Update – Samsung responds After we published this article, Samsung contacted us to restate the above-made point: “Galaxy phones clearly specify the various levels of security of their lock types, with the highest level of security offered by the fingerprint reader. It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy device and cannot be used to authenticate access to features requiring stronger security, such as Samsung Wallet.” So, the issue remains: if you use facial recognition and your phone isn’t one of the ‘safe’ models mentioned above, bear in mind that your phone isn’t as secure as it could be, and you should take additional measure to protect important data.

Tag: Weakness

Android Phones Shown to Have a Major Biometric Security Weakness

Quick Links

Resources

Support