Android phones have been using biometric trusted face facial identification for multi-factor authentication on many of its models. However, studies have shown that around 40% of Android phones using 2D cameras are vulnerable to bypassing the trusted face feature.
In this guide, we’ll show you how easy it is to bypass the feature on an LG G5 phone. First, a helpful assistant registers a trusted face by going to Settings > General > Smart Lock > Trusted Face and entering their face. They can also improve the facial tracking by entering different angles of their face.
Once the face is registered, the phone can be unlocked by pointing it at the registered face, without the need for a PIN. However, in the hands of an attacker, the phone can still be locked with a swipe that requires a passcode.
But, if the attacker has a high-resolution or even a low-resolution picture of the person who registered the trusted face, they can easily unlock the phone. All they need to do is point the phone at the picture and the trusted face feature will be bypassed.
Researchers have found that phones that use 2D cameras are vulnerable to this type of attack. If you have a phone with this type of camera, it is best to use a passcode or a pattern to lock your phone instead of relying solely on the trusted face feature.
Bypassing the trusted face feature on Android phones is easier than you think. So, if you’re using an Android phone with this feature, make sure to take the necessary precautions to protect your personal information.