Is your phone’s security guaranteed through biometric methods such as the use of a fingerprint sensor, or should it rely on the same traditional methods as password?
If there’s ever an appropriate time to call a gigantic tech conglomerate “red faced,” it’s probably now. In a terse statement released yesterday, Samsung acknowledged some clear cases and screen protectors can be used to bypass the fingerprint sensors on the Galaxy S10, Galaxy 10 Plus, Galaxy S10 5G, Galaxy Note 10, and Galaxy Note 10 Plus.
You don’t need a 3D printer, super-high-res camera, latex molds, or any cloak-and-dagger nonsense. A dirt-cheap phone case is all you need to unlock someone’s Samsung flagship.
It’s hard to excuse this massive breach of trust, and it’s even harder to understand why Samsung has so far failed to apologize to customers. Yet, this embarrassing mishap isn’t that surprising in the scheme of things.
Biometrics make for poor security anyway
Biometric methods of keeping the phone safe at the beginning of the work were a lot of commotion, but over time, their failings gradually became apparent, to the extent that these new methods can now be claimed to be uncertain. Instead, older methods of securing the phone, such as identifying a PIN or password, are a bit more difficult, but more reliable and more practical.
One reason is that in biometric methods, such as the face recognition system or the iris and fingerprint sensor, it is easier for the phone owner to be able to unlock and pass through the phone’s security system. For example, your relatives can trick you into unlocking and unlocking your cellphone or coming to sleep while using your fingerprint sensor to secure the phone. At times, this will only be possible by having a picture of the owner of the phone or a simple silicone frame, while using this method is somewhat more difficult to find through the phone’s password.
An old-school password is preferable to fingerprint readers, facial scanners, or retina/iris scanners
In some advanced countries, passing through the system based on biometric features of phone security is also legally easier than traditional methods. For example, police or other law enforcement officials can persuade you to unlock and provide your phone with a fingerprint sensor or face and iris detection system, but they cannot legally force you to provide your passcode. Make them pass your phone password on. Therefore, using a password to keep your phone safe in such circumstances would make more sense.
Another advantage of using traditional methods compared to biometric methods in maintaining the security of the phone is their ability to change and recover. For example, a mobile phone owner may change their password whenever the security of their phone is compromised, but this will not be possible with fingerprints or facial features.
In fact, if biometric information is leaked to protect the phone’s security, they cannot be changed and little is done by the phone owner to counter hackers. Given that mobile phones are now recognized as individuals and many of their personal and financial affairs are resolved over the phone, maintaining the security of the phone is of paramount importance. Therefore, the efficiency of the methods of protecting the handset should not be sacrificed for their charm and convenience and their appearance.
What you need to do?
If you’re worried about your smartphone security, there are a few simple things you can do to protect yourself:
- Pick a secure authentication method (PIN or password), but don’t be lazy: the more characters you use, the safer.
- Avoid pattern locks. They’re easier to spy on, and less secure than a good PIN or password.
- Disable features like Smart Lock that keep the device unlocked when it’s in certain areas or when a Bluetooth device is connected.
- Understand the difference between the various face unlock methods — the ones that use laser or infrared to scan your face are more secure than those that rely on the front-facing camera.
- Enable Lockdown mode, available on Android Pie and later. This gives you the option to quickly disable all unlocking methods except the PIN or password.
- Familiarize yourself with your specific phone’s security features. Some devices offer options like the ability to hide certain apps or content behind a specific fingerprint.
- Buy devices from reputable manufacturers that are more likely to receive regular security and system updates.
- In general, practice basic security hygiene. The chances of getting hacked remotely are much higher than of someone getting physical access to your device.
What is your preferred phone locking method?
- Nothing – I keep it unlocked
- Face unlock