How secure is your smartphone against would-be snoopers and hackers? I hope you're using some kind of security system on your gadget to protect your privacy.
Currently, there are a number of ways to lock and unlock our phones - thumbprints, irises, passcodes, patterns, facial recognition and more.
However, since Apple took its Face ID technology mainstream with the iPhone X, XS, XS Max and XR, facial recognition is now a common biometric feature in most smartphones. This, of course, allows the user to unlock the phone by merely looking at it.
Unfortunately, plenty of smartphones that are currently riding the face recognition bandwagon are still vulnerable to the simplest hacks of all - a picture of its owner.
Read on and see why you shouldn't use face recognition at all on some phones.
Face recognition is not foolproof
A study made by Dutch consumer protection group Consumentenbond revealed that plenty of smartphones that use facial recognition for biometric security can be easily duped with just a photograph.
The researchers tested a total of 110 phones and the results showed that 42 of them can easily be fooled with nothing more than an image of their owners. The report didn't disclose the quality of the photos used but it did mention that they used good portrait photos for their tests.
We can then safely assume that headshots, selfies and portrait photos lifted off social media sites like Facebook and Instagram will work with the phones.
Face recognition is not created equal
Although 42 of the phones are vulnerable to photo unlocks, 68 gadgets, including Face ID-equipped iPhones and newer models from Samsung, Huawei, Lenovo, Motorola and HTC, are safe from this technique.
Additionally, a few models can be unlocked with a photo but users can improve their face recognition settings to make it harder to pull off.
We also noticed that most of the more secure phones are newer models (most apparent with the Samsung Galaxy phones.) This suggests that phone manufacturers have been tweaking their face recognition systems and are constantly making improvements to their biometric security features.
Why are these newer phones resistant to photo unlocks? Well, they have more elaborate depth-sensing facial recognition hardware that tracks faces in 3D.
Apple, in particular, uses a front-facing infrared camera, a dot projector and a flood illuminator in its Face ID system.
These sensors work together to flood your face with 30,000 invisible dots that track your face in 3-D then create a pattern that's stored securely on the iPhone. Each time you look at the phone, the system then compares the facial pattern to match what it sees.
Other phones use similar methods but Apple's Face ID is still ahead of the curve.
List of tested phones
Here's a list of all the smartphones that Consumentenbond tested:
Unlocked devices with a photo
The following devices were unlocked with a simple photo.
- Alcatel 1X
- Asus Zenfone 5 Lite 64 GB
- Asus Zenfone 5, ZE620KL (64 GB)
- BlackBerry Key2
- BlackBerry Key2 (US version)
- BQ Aquaris X2
- BQ Aquaris X2 Pro
- General Mobile GM8
- HTC U11 +
- Huawei P20 (EML - L29)
- Huawei P20 Lite
- Huawei P20 Pro (CLT - L29)
- Lenovo Motorola Moto E5
- Lenovo Motorola Moto E5 (BR version)
- Lenovo Motorola Moto E5 Plus (BR version)
- Lenovo Motorola Moto G6 Play
- LG K9 (LM-X210EMW)
- LG Q6 Alpha (LG-M700n)
- Motorola Moto G6 Play (BR version)
- Motorola One
- Nokia 3.1
- Nokia 3.1 (US version)
- Nokia 7.1
- Oukitel VU
- Samsung Galaxy A7 (2018)
- Samsung Galaxy A8 (32GB) (SM-A530F / DS
- Samsung Galaxy A8 (64 GB)
- Samsung Galaxy A8 + (SM-A730F)
- Samsung Galaxy J8 Brasil
- Sony Xperia L2 (H3311)
- Sony Xperia L2 (H3321)
- Sony Xperia XZ2 (H8216)
- Sony Xperia XZ2 (US version)
- Sony Xperia XZ2 Compact (H8314)
- Sony Xperia XZ2 Compact (US version)
- Sony Xperia XZ2 Compact Dual SIM (H8324)
- Sony Xperia XZ2 Dual SIM (H8266)
- Sony Xperia XZ2 Premium (US version)
- Sony Xperia XZ3
- Vodafone Smart N9
- Xiaomi Mi A2
- Xiaomi Mi A2 (32GB)
If you have any of these phones and you're concerned about your security, the best move is to not use the facial recognition feature to unlock the phone. If available, you can revert back to the fingerprint scanner, the iris scanner or revert back to the good old PIN code.
If you had to choose, the iris scanner, in particular, is more secure than the fingerprint scanner. That's because patterns in your irises are unique to you and are virtually impossible to replicate, meaning iris authentication is one of the safest ways to keep your phone locked.
Devices unlocked with a photo, but with better security
The following gadgets were unlocked with a photo but you can improve their face recognition via settings tweaks.
- Honor 7A
- LG G7 thinQ
- LG G7 thinQ (US version)
- LG G7 thinQ Dual SIM
- LG V35 ThinQ (US version)
- LG V40 ThinQ
Note: On LG phones, you can configure their face recognition software by going to Settings >> Lock screen & security >> then select the Face Recognition tab under Biometrics. Here you can choose "Improve face recognition" and "Advanced face recognition" to make them harder to fool with photos.
Devices that can not be unlocked with a photo
The following devices could not be unlocked with a photo.
- Alcatel 3V (5099D)
- Alcatel 5
- Apple iPhone XR (128 GB)
- Apple iPhone XR (256 GB)
- Apple iPhone XR (64 GB)
- Apple iPhone XS (256GB)
- Apple iPhone XS (512GB)
- Apple iPhone XS (64GB)
- Apple iPhone XS Max (256GB)
- Apple iPhone XS Max (512GB)
- Apple iPhone XS Max (64GB)
- Asus Zenfone Max Plus (ZB570TL)
- Honor 10
- Honor 7C
- Honor 8X
- Honor View 10
- HTC U12 + (EU version)
- HTC U12 + (US version) Huawei P Smart +
- Huawei Y6 (2018) (ATU-L21)
- Huawei Y7 (2018)
- Huawei Mate 20
- Huawei Mate 20 Lite
- Huawei Mate 20 Pro
- Lenovo Motorola Moto G6 (32GB)
- Lenovo Motorola Moto G6 (64GB)
- Lenovo Motorola Moto G6 (US version)
- Lenovo Motorola Moto G6 Plus
- Lenovo Motorola Moto Z3 .US version
- Lenovo Motorola Moto Z3 Play
- Lenovo Motorola Moto Z3 Play .US version
- Motorola Moto G6 (BR version)
- Motorola Moto G6 Plus (BR version)
- One Plus 5T
- OnePlus 6 (128GB)
- OnePlus 6 (256GB)
- OnePlus 6 (64GB)
- OnePlus 6 (US version) (64 GB)
- Oppo Find X
- Samsung Galaxy A6 (32GB)
- Samsung Galaxy A6 + (32GB)
- Samsung Galaxy A6 + (64 GB)
- Samsung Galaxy A9 (2018)
- Samsung Galaxy J6 (2018)
- Samsung Galaxy Note 9 (128 GB) (EU version)
- Samsung Galaxy Note 9 (128 GB) Dual SIM (BR version)
- Samsung Galaxy Note 9 (128 GB) Single SIM (EU version)
- Samsung Galaxy Note 9 SM-N960U1 (US version)
- Samsung Galaxy S9 (SM-G960F / DS)
- Samsung Galaxy S9 SM-G960U1 (US model)
- Samsung Galaxy S9 256GB
- Samsung Galaxy S9 dual (128GB)
- Samsung Galaxy S9 + (SM-G965F / DS)
- Samsung Galaxy S9 + 256GB
- Samsung Galaxy S9 + dual (128GB)
- Samsung Galaxy S9 + Single SIM
- Samsung Galaxy S9 + SM-G965U1 (US model)
- WIKO View 2
Click here to read Consumentenbond's full report. The page is in Dutch but you can automatically translate it to English with Google Chrome.
Two-factor authentication is vulnerable to this new type of attack
Two-factor authentication has long been touted as one of the best ways to make sure you are staying secure online. But recently it seems that this tried-and-true way to stay safe has been beaten by hackers. They are using this knowledge to break into people's accounts and steal their information. Here's how to make sure you are safe from this hack.