A flawed face scanner

The most notable new feature on Google’s Pixel is also the most flawed part of the device.

Google decided to go all in on face-scanning as a way of unlocking the Pixel 4. When you set the phone up, you scan a 3-D model of your face. From there, whenever you pick up the device, it will unlock as soon as it verifies your mug.

The face scanner is part of a new system that Google calls Motion Sense, which is an array of sensors including infrared and depth-sensing cameras and a miniature radar. The radar senses when someone reaches for the phone and activates the infrared cameras so they can scan your face in less than a second.

The problem? BBC News reported last week that the face scanner would unlock even with a user’s eyes closed, which I confirmed in my tests. This is a major security flaw. If you’re asleep, all someone has to do to get access to your personal data is take your phone and hold it up to your face. That makes the face scanner, in some ways, a weaker security feature than a fingerprint sensor.

Google said in a statement that it would release a software update in coming months adding the option to require a person’s eyes to be open before unlocking the phone. In the meantime, the company said, people could temporarily disable face unlock and use a PIN, pattern or password instead.

In contrast, the iPhone requires that its owner look toward the screen before it unlocks. Apple also claims that the likelihood of bypassing its Face ID scanner with the incorrect face is one in a million.

I asked Google what the false-acceptance rate was for the Pixel 4’s face scanner. Google would say only that the biometric requirements exceeded its standards for Android phones in general.

For now, Google’s face unlock looks like an unfinished security feature that doesn’t feel safe to use, and releasing it in this state suggests that the search giant treats device security as an afterthought. This is a bad look for Google in a time when many people are concerned about their digital privacy.