•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Biometric phone unlocking methods such as fingerprint and facial recognition are designed for convenience, but cybersecurity research and expert commentary cited in the article suggest they can also create security risks—especially in everyday situations involving travel, device lending, or coercion.
The article describes fingerprint unlocking as a process where users register a fingerprint in phone settings and then unlock the device by placing a finger on the sensor. It notes that this can eliminate the need to remember a password.
However, the article argues that fingerprints are widely present on a device’s surfaces because phones are used daily. If a phone is obtained by someone else, the article says an attacker may be able to use a copied fingerprint to unlock the device. It also highlights scenarios such as travel, meals, or falling asleep, where someone could hold the phone and place a finger on it to gain access and operate the device.
Facial unlocking is presented as working similarly to fingerprint unlocking: the phone unlocks automatically when the user’s face is detected, without requiring a password.
The article states this method is also vulnerable. It describes the possibility that an attacker could hold the phone up to the user’s face without the user noticing, and notes that some phones can be unlocked using a photo of the face. Once unlocked, the attacker could access the device.
To improve safety, the article recommends that users still set a more complex screen password, such as a numeric code or a pattern.
According to the article, a cybersecurity research group reported that many everyday scenarios can lead to data loss when using fingerprint or facial unlock. In tests, the article says a moment of inattention at locations such as an airport or border control—or lending a phone—could allow the device to be opened by coercion.
The article also says many apps support login using the same fingerprint or face already used to unlock the phone. This can create an “unlock chain,” where unlocking the device enables access to multiple apps and makes it easier to copy data if apps are not fully encrypted.
In the tests described, the article states that attackers could copy data within minutes without triggering warning mechanisms.
The article cites Cisco Talos research stating that an attacker could create a fake fingerprint using a cheap 3D printer and fingerprint images collected from surfaces such as cups or desks. It reports up to an 80% success rate in fooling mobile and laptop sensors.
It also notes that researchers identified vulnerabilities in Windows Hello that could bypass fingerprint authentication, which Microsoft had previously rated as highly secure.
Unlike passwords, the article says fingerprints are unique. If biometric data is stolen—such as from an organization’s database—it can be used for long-term access to devices or services and may be traded on the dark market. The article further states that security experts cited by AVG consider biometric leaks more dangerous than password leaks.
The article describes coercion scenarios where someone could force a user to unlock a phone with a fingerprint without consent, including while the user is sleeping.
According to the article, AVG reports that fingerprints can wear down over time due to factors such as age, chemicals, manual labor, or dermatological conditions. This can lead to sensor errors, potentially forcing users to revert to a password or abandon strong passwords due to inconvenience.
The article emphasizes that biometrics may expose sensitive information quickly if a phone is lost or accessed illegally during travel checks, including emails, messages, and banking information.
As a safeguard, the article recommends using a strong screen password or PIN of at least six digits, combined with data encryption and two-factor authentication for important apps. It concludes that while biometrics are convenient, adding a password can provide a safer layer in situations involving potential unauthorized access.
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
