Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Android Privacy Google Security

Trusted Face Smart Unlock Method Has Been Removed From Android Devices (androidpolice.com) 11

The not-so-widely-used trusted face smart unlock feature has officially been removed from Android, news blog Android Police reported this week. From the report: Trusted face was added in 2014 and has been accessible to users on all Android devices until recently. Now, it's completely gone from stock and OEM devices, running Android 10 or below. The feature was accessible under Settings -> Security -> Smart Lock -> Trusted face. It didn't use any biometric data for security, instead just relying on your face to unlock your device. A photo could easily fool it. The writing was on the wall for its removal: It was broken on Android Q Beta 6 and we know Google has been working on a more secure face authentication method. But it's not only Android 10 that no longer has the Trusted face option. We've verified that the option is gone from the OnePlus 6T, Samsung Galaxy S9 and S10, Nokia 3.2, all of which are running Android Pie stable.
This discussion has been archived. No new comments can be posted.

Trusted Face Smart Unlock Method Has Been Removed From Android Devices

Comments Filter:
  • That is weird, my Note 10+ has Face Unlock still. It does say it is not secure as a picture could unlock the device.

  • by BitterOak ( 537666 ) on Thursday September 05, 2019 @04:19PM (#59163242)

    It didn't use any biometric data for security, instead just relying on your face to unlock your device.

    Either I don't understand what "biometric data" means or the author of the article doesn't. Isn't the image of your face a form of biometric data?

    • I was wondering this as well; one could probably make an argument either way. My opinion is that it depends on if it tries to do any analysis of facial features. If it doesn't, it's just image analysis.
  • I can confirm that it disappeared on my Samsung S8 running Pie as well.

  • To me this raises an interesting question - should this feature have been removed?

    Yes it is very insecure. Yes it can be unlocked with just a photo. But for most people it may well have been the most convenient way to unlock a phone, and let face it - the practical reality is that for most people no-one is going to go to the bother of using a picture of someone else to unlock the phone.

    So should this have been removed to protect the security of users, even if it makes the overall experience of using the p

    • by quenda ( 644621 )

      Yes it is very insecure.

      Yes, against a determined & targeted local attack.
      But many (most?) people just want to stop casual snooping, or access by a stranger if lost or stolen.

      There is always a trade-off between convenience and security, and Google has traditionally offered people a choice, e.g. installing apps from other sources.
      I like the way an Android phone can be made to unlock when it connects to your car's bluetooth. Not terribly secure, but good enough.

      • by tlhIngan ( 30335 )

        Yes, against a determined & targeted local attack.
        But many (most?) people just want to stop casual snooping, or access by a stranger if lost or stolen.

        While it's vulnerable to a targeted attack, it doesn't stop casual snooping, because anyone who would want to snoop on it already can break it using a photo.

        Said photo isn't hard to get - if you're a friend, or significant other, you'd already have dozens of said photos in your camera roll of your "victim". So you can use this to unlock the phone to prank

        • by quenda ( 644621 )

          because anyone who would want to snoop on it already can break it using a photo.

          Said photo isn't hard to get

          I would not call that "casual". I could easily break into my friends home too, even without damage. But bypassing a lock crosses a line. Would not be good for a friendship, and grounds for dismissal at a place of work.

      • What I don't get is, why don't they combine the various unlocking methods?

        I don't like fingerprint unlocking, by itself. But I would love to have a setting where, after I enter my PIN#, my phone still doesn't unlock unless it detects my finger on the fingerprint sensor. Or, in a similar vein, it would detect my face -- or maybe it's really just a photo -- but then it still needs the PIN#, my fingerprint, or some other source of authentication.

  • I don't give a four-star about face unlock but what does really piss me off is that they just arbitrarily killed off the extremely useful text widget - a widget that shows the last few sms texts received. I used this widget for work every day regularly. Why Google would you kill off something that is half the reason I use an android phone? FML, they are either complete idiots or psychopathic scumbags or more likely - both.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...