Samsung’s new Galaxy S8 is an amazing phone with a horrible flaw.
Out of the slew of new features in the device, the Galaxy S8’s facial recognition software is the biggest cause for concern.
Samsung pitches facial recognition as a convenient way to unlock your device, but it also says it’s less secure than the other methods for keeping all your stuff safe — in fact, as you set up the phone, you’ll see a pop-up that says facial recognition is not as secure as the other means of protection, like the fingerprint sensor, iris scanner, and a passcode.
A few weeks ago, in fact, someone was able to fool the S8’s facial recognition with a photo of themselves. (Samsung says it has since updated the S8’s software to add more security, and I wasn’t able to trick my review unit with a photo of myself.)
Still, the S8 will still warn you that facial recognition isn’t secure and could be tricked when you set it up. That’s a good move in theory, but in practice it could confuse users.
For example, when you first set up your S8, facial recognition is the first option given to “protect your phone” when you set it up for the first time.
The fact that Samsung says facial recognition on the Galaxy S8 isn’t secure and still encourages you to set it up is the biggest preventable security snafu I’ve seen in a major tech product.
This is not a technical achievement. It’s an ill-advised attempt to add a wow-factor to the Galaxy S8. My advice: If you get the S8, do not enable facial recognition. Use your fingerprint or a passcode instead. And Samsung should either find a way to make facial recognition equally as secure as those methods or remove it from the phone altogether in a software update.