Skip to main content

Major Security Flaw — Google Pixel 4’s Face Unlock Works Even if Your Eyes are Closed

Major Security Flaw — Google Pixel 4’s Face Unlock Works Even if Your Eyes are Closed

Recently, Google launched its latest Pixel 4 series smartphones. It hasn't even arrived yet and someone has already found a major security flaw in the device. Google Pixel 4's Face Unlock works even if your eyes are closed and it's a major security flaw. This can be a problem as it can allow for unauthorized access if the person is asleep or even dead in more extreme cases.

It is a serious privacy concern because it allows attackers to easily gain access to a person's device without their permission. Someone could easily open it just by holding up to the owner's face when the owner is asleep.

Now, unauthorized access into a Google Pixel 4 phone is a constant concern for those who will buy one.

According to the BBC reporter, Chris Fox, the Google Pixel's Face Unlock feature works even if a user's eyes are closed, a clear security risk for anyone with a Pixel 4. Using default settings, users who are asleep or even dead could unknowingly unlock their phones for others. Chris Fox tweeted a video on twitter as proof for the flaw. He also tried this with different users and the same thing happened.
At Google Pixel 4 series launch, Pixel product manager, Sherry Lin said that there are actually only two face unlock solutions that meet the bar for being super-secure  it's ours and Apple's. However, This shows that Google Pixel 4's Face Unlock feature is actually a step back from Apple's Face ID.

Google was so sure of its Face Unlock's strength that it removed fingerprint sensors from the latest Pixel 4 series, leaving its brand new facial recognition system as the only biometrics authentication system available on the device. Google also claims that Pixel 4's Face Unlock is one of the most secure Face Unlock solutions that you can authorize payments and log in to apps with it.

Because both Pixel 4 and Pixel 4 XL use a unique technology that Google calls Project Soli. It is a mini radar chip that can identify a face in 3D, finger movements, hand gestures, and even body movements. It is technically better than Apple's Face ID mechanism but Google's implementation of the Soli chip inside Pixel 4 and the Pixel 4 XL is not good enough.

Ideally, a smartphone shouldn't unlock when its registered user has closed their eyes or when they are dead.

And For that Google Pixel 4 series must have a "Require eye to be open" feature on the device. Here, is why it is important. If someone looking to get into a Pixel 4, grabs the device and puts it up to the owner's face when the owner is asleep, it will unlock. It is worth noting that Apple also has similar technology for its face ID system on the iPhone X and its latest iPhone 11 models. But it required people's eyes to be open in order to work. This allows a person to keep his eyes closed in order to prevent his iPhone X and iPad 11 models from being unlocked against his will.

But Google reportedly told BBC News that "Require eye to be open" would not feature on Pixel series when it goes on sale, on 24 October 2019. So, It is a constant cause of concern for those who will buy one.

Major Security Flaw — Google Pixel 4’s Face Unlock Works Even if Your Eyes are Closed

Google seems to be aware of the problem, stating on a Pixel 4 help page that Your phone can also be unlocked by someone else if it's held up to your face, even if your eyes are closed. Google encourages users to keep their phones in a safe place like your front pocket or handbag to reduce the likelihood of these events.

Major Security Flaw — Google Pixel 4’s Face Unlock Works Even if Your Eyes are Closed

There is no option to stop the phone from unlocking when the user's eyes are closed. However, Google said that it will continue improving the Face Unlock feature on Pixel 4 and Pixel 4 XL in the future, which gives us hopes that the missing option will be released with a software update. However, it is laughable that a huge tech brand like Google missed out on such a basic aspect of device security.

Google also says that in case the users are worried and want enhanced security then they can always turn on the "Lockdown" feature (Settings > Display > Advance > Lock Screen Display > Enable the Show Lockdown Option) to disable Face Unlock and force device owners to unlock their device by using a PIN, password or pattern every day before taking a nap or going to sleep.

Over the past couple of years, Face Unlock has become a huge part of our smartphone experience. But most Android smartphone makers have so far selected a less expensive and less secure Face Unlock technology. So, it was exciting to see Google's own version of Face Unlock security strength. But it turns out that Google's Face Unlock also has a major security flaw.

Biometrics is great when they work, but they are not the best way to secure your phone on their own. A strong passcode is still more secure than any biometrics at least for now.

I hope you find useful information in this article. If you have any questions related to Google Pixel 4's Face Unlock security flaw then please mention in the comments section and I will get back to you and stay tuned with my blog to learn interesting things related to cybersecurity and hacking.

Comments

Popular posts from this blog

How To Check If a Link Is Safe To Click

Many times, we share links among our friends on social media platforms like WhatsApp, Facebook, Instagram or Twitter. But do we know how safe they are? What can happen if you click on any malicious link? We never think of the following things : Links can drop various harmful programs, viruses on your device Links can steal your personal data by dropping spyware or keyloggers Use your browser for crypto mining which will affect your device's performance Even if your device is secured with antivirus, not all of them warn you before clicking such malicious links . And the moment you click on these, they will become big trouble for you. This can sometimes even be dangerous with regard to data security and identity theft. So, Be careful about what you click on. These days one of the quickest growing security issues is ransomware , which is often spread by the user unintentionally clicking dangerous links in emails, social media platforms, messengers, and other tool

TikTok Secretly Sent Users Private Data & PII Number to Chinese Server Including Draft Videos

The popular Android and iOS short-videos creating app, TikTok hit with a lawsuit claims that the app illegally and secretly transfers app's users' private sensitive data and Personally Identifiable Information (PII) to Chinese servers. TikTok which is a 15-second short-video creating app especially popular among the younger generation and also downloaded over 1.3 Billion times worldwide . TikTok remains top in the most downloaded app list for months on the Apple App Store and Google Play Store.  According to the lawsuit, Tiktok shared the user's created videos which include private acts and closeups of user's faces (biometric data) before the videos are saved on the app. TikTok provides many options includes the next button, close button, and button for effects to its users while recording the video. Here, the next button takes users to the screen that shows these two options : "post" and "save".  After clicking on the "next" button, Tik

Facebook, Instagram and WhatsApp Down : Apps Crash For Users Worldwide Including In India

If you are facing problems with Facebook , Instagram , and WhatsApp on your device then you are not alone. Suddenly, the service of Facebook, Instagram, and WhatsApp's are facing technical problems since late evening on Wednesday. Users are facing these types of problems on Facebook :- While using Facebook, Users are facing problems in loading images, loading videos, and loading all other data across its apps while some users were unable to load photos on Facebook News Feed. On the Twitter platform, Facebook said that it is aware of the issue. Users are facing these types of problems on Instagram :- On Instagram (just like Facebook apps), the issues appear to be limited only to a certain part of the site. Many users report an issue to Instagram that their feed might not load, also it is not possible to post anything new (images, videos, stories) into it. If a user tries to post anything new (images, videos, stories) brings up an error indicat