The Galaxy S8 and S8+ are now available for sale. They are beautiful devices that are very similar to the S7 Edge with curved edges that appear to blend into the back. Samsung uses the word "infinity" to describe the new screens. Besides the wonderful graphics, there are several options for unlocking the phone. As always, I recommend configuring a password as the lock code. Passwords are knowledge and most courts have determined that you don't have to give up your password. Biometrics are a different animal. You can be compelled to give up your fingerprint just like DNA. If you insist on configuring the biometric lock options for the S8, which one is the most secure?
One of the new capabilities is facial recognition, which is woefully bad. It has already been shown that the phone can be unlocked just by putting a picture of yourself in front of the sensor. Bottom line…don't use the facial recognition feature. A second biometric option is the fingerprint scanner. It is a little cumbersome to use the scanner since it is on the back of the phone right next to the camera lens. Even though it is awkward, the fingerprint scanner is way more secure than using the facial recognition feature. The third biometric option is the iris scanner. The company behind the iris-scanning tech utilized in the Galaxy S8 claims iris scanning is superior to even the FBI's fingerprint tech. That's because the iris scanning technology utilizes as many as 200 reference points per eye or up to 400 references total. In contrast, consumer fingerprint technology only uses 13 reference points.
The recommendation is to use a password as your primary unlock mechanism. If you want to use biometrics, configure both the fingerprint and iris scanners. That way, if it's pretty sunny outside and there is trouble with the iris scan, you can still use the fingerprint as a backup.
E-mail: firstname.lastname@example.org Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology