Which Galaxy S8 unlock option is the most secure?

Samsung is going all-in on biometric authentication with the Galaxy S8. But which one should you use?

You can use up to three different methods to unlock your Galaxy S8 phone using nothing more than your body. The front-facing camera can scan and identify your face, or you can use the embedded iris scanner to read your eyes like a fingerprint. Oh, and of course there's an oddly placed fingerprint sensor on the back of the phone.

All three work, and are fun to show off with to friends and family members. But which method(s) should you use, and which should you avoid?

Facial recognition

Screenshot by Jason Cipriani/CNET

Don't use this feature if you want to secure your phone.

Harsh and to the point, I know, but it's not all that secure. In fact, during the Galaxy S8 event, as covered by Ars Technica, a blogger was able to unlock one of the demo devices using a picture of himself.

In theory, if someone had physical access to your phone, all he or she would need is a photo of you to unlock your phone.

Samsung provided the following statement to CNET when asked about face recognition being tricked so easily:

The Galaxy S8 provides various levels of biometric authentication, with the highest level of authentication from the iris scanner and fingerprint reader. In addition, the Galaxy S8 provides users with multiple options to unlock their phones through both biometric security options, and convenient options such as swipe and facial recognition. It is important to reiterate that facial recognition, while convenient, can only be used for opening your Galaxy S8 and currently cannot be used to authenticate access to Samsung Pay or Secure Folder.

TL;DR: Cool party trick, but not all that secure. Don't use it.

Fingerprint scanner

Samsung Galaxy S8

Josh Miller/CNET`

Most phones have a combined fingerprint scanner and home button, making it easy to unlock your phone without a passcode. The S8's fingerprint scanner, though, is on the back of the phone next to the camera lens. It can be hard to reach, it's awkward, and you're going to smudge your camera lens from time to time.

However, unlocking your phone using your fingerprint is far more secure than using your face, and it's a very secure choice.

Iris scanner

Jason Cipriani/CNET

In theory, this is by far the safest method you can use to unlock your Galaxy S8. In an interview with Business Insider, the company behind the iris-scanning tech utilized in the Galaxy S8 claims iris scanning is superior to even the FBI's fingerprint tech.

Why? Because iris scanning tech reads and stores more data points, in turn making it harder to trick the tech. Using a red light and a dedicated camera, the Galaxy S8 scans your eye, which, just like your fingerprint, has a unique pattern that the phone is able to read and turn into a key. A key only you hold.

According to the Business Insider story, fingerprint tech uses 13 reference points. Scanning an iris could lead to as many as 200 reference points, and the S8 examines both eyes, meaning the potential is there for 400 reference points just to unlock your phone.

Just know, however, that enabling the iris scanner prompts a bunch of warnings, including ones to deter those with epilepsy or related conditions. If you or your family members fall into that category, it's best to skip this option.

Two out of three isn't bad

Samsung has yet to officially state which method is the most secure, and without knowing specifics concerning the number of reference points when using the iris scanner, it's hard to declare one the winner.

Thankfully, Samsung allows you to enable two authentication methods to unlock your phone or make payments with Samsung Pay. One of these has to be the fingerprint sensor, with the second being your choice of facial recognition or iris scanning.

My advice? Set up the fingerprint sensor, and then set up the iris scanner. Enable both features as a means to unlock your S8, using a fingerprint as a fallback when you're in direct sunlight or the iris scanner is struggling to read your eyes. Doing so makes you feel a bit like a top-secret spy, unlocking a phone just by looking at it while avoiding mucking up your camera lens.

If you want to speed up the process of using your irises as an unlock method, be sure to enable "Iris unlock when screen turns on." The option is found in Settings > Lockscreen and security > Iris Scanner.

With that option enabled, the moment you press the power button to wake your device the iris scanner begins looking for your eyes to unlock. Most of the time, it's a nearly instantaneous process as long as I'm holding the phone at the proper distance and height.