I have a new phone (actually, an end-of-line one) and one of its features is ‘Face Unlock’. You switch the phone on and, to identify yourself, you hold your face up to the screen, blink, and it lets you in. Great.
Except it doesn’t bloody work.
I’m sure in testing it’s great, but for me it fails miserably. I have maybe a 10% success rate. I’ve tried it in the street, in the car (parked, of course), in my bedroom, in the living room, under daylight, under artificial light. Most of the time it simply doesn’t recognise me. For the rest, it can’t seem to see that I’ve blinked as requested (part of the test to make sure you’re alive and not a photo).
Every time it fails, I have to resort back to PIN entry. In fact, it’s clear it was never intended to be entirely successful; when enabling the feature a PIN also has to be set up as a back-up option. Ninety percent of the time this ends up being the primary option, although not after the slight embarrassment of posing for a selfie every time I want to check my mail.
It’s a nice idea, but a failed one. Either make it work reliably or ditch the idea. A halfway option where it may-or-may-not work is a failure: the phone is clearly not working correctly.
We look at the alternatives for securing one’s phone: there’s no lock – easy access for thieves and friends who like to post “funny” updates on your Facebook profile; there’s slide – nearly as ineffective as the above; PIN entry and shape drawing are a reasonable effort but it only takes a couple of looks to know what your friend’s (or potential victim’s) unlock key is. Finally there is the password which is – let’s be honest – the most tedious option around.
Getting authentication right on phones, laptops and other ‘contact’ points is vitally important for the web of trust. As we place more personal information and rights on our devices, so the value of this content and the importance of security increases.
Almost as important is convenience: the ability to pick up a phone and use it without having to solve a challenge or fiddly negotiation of keys every time.
With news that Apple’s newest iPhone 5S includes fingerprint reading, one starts to see a glimmer of hope to this issue. Fingerprint scanners aren’t entirely secure but they’re a damn good start – and from what I read, Apple’s option is a lot more robust than many. Convenience-wise, our fingers are already pretty close to the device already (they’re “to hand” – if you’ll pardon the pun) and somebody would have to take pretty extraordinary measures to forge your fingerprint.
This is one particular feature I’m hoping finds its way onto all manner of phones in the near future. For the good of our mobile security, and for the balance of user convenience, we need to see some real improvements in this area.