When Google unveiled the Pixel 8 series last week, they focused on all the new AI-powered features the pair of smartphones have. The Pixel 8 and Pixel 8 Pro bring more to the table than new camera features, though there’s only so much information that Google can convey in a 1-hour presentation that also introduced a new smartwatch and Pixel Buds Pro features. One of the most significant improvements that was only made apparent after the keynote ended is the improved face unlock: The Pixel 8’s Face Unlock works with banking apps and Google Pay.
According to Google, Face Unlock on the Pixel 8 series “meets the highest Android biometric class, allowing you to access compatible banking and payment apps like Google Wallet.” This is in stark contrast to the previous-generation Pixel 7, where Face Unlock could only be used to unlock the device. But if you look at the Pixel 8’s specs, you’ll find that it only has a single front-facing camera similar to the one on the Pixel 7. So why is Face Unlock on the Pixel 8 so much more capable than on the Pixel 7?
Once again, we have to turn to Google themselves for the answer. In a blog post about their new Tensor G3 chip, Google credits “new machine learning advancements” for the Pixel 8’s improved Face Unlock. Google, unfortunately, didn’t say what those ML advancements actually were, but the fact that they were able to achieve this feat without packing additional dedicated Face Unlock hardware is a huge milestone for biometric authentication. Here’s why.
Face unlock on the Pixel 8 no longer compromises on security
Biometric sensors are supposed to make accessing your phone more convenient, but the trade-off is that they’re less secure than your PIN, pattern, or password. Unlike these “primary” authentication methods, biometric authentication is susceptible to false positives, which is why Android differentiates biometric sensors based on their biometric strength. Depending on how low the sensor’s Spoof Acceptance Rate (SAR), Imposter Acceptance Rate (IAR), and False Acceptance Rate (FAR) are, the sensor will be classified as Class 3 (formerly “Strong”), Class 2 (formerly “Weak”), or Class 1 (formerly “Convenience”).
What tier the sensor falls under determines what Android allows the sensor to be used for. Class 1 sensors, for example, can’t integrate with the BiometricPrompt API, which is what many banking apps and password managers use for sign-in. Face Unlock on the Pixel 7 is a Class 1 biometric, which is why it can only be used for unlocking the device. Face Unlock on the Pixel 8, however, is a Class 3 biometric, which is why it can also be used for banking app sign-ins and authenticating contactless payments.
One of the reasons that Google shied away from Face Unlock for so long (and why they got rid of Trusted Face) is that it was less secure than other biometric methods. If your phone’s Face Unlock relies on nothing but a single RGB camera, then there’s a decent chance it can be fooled by someone holding up a photo of your face. Face Unlock algorithms that avoid these simple kinds of spoofing attacks have been around for a long time, and there are even vendors (like Megvii) that sell this tech to smartphone makers. But no matter how good these algorithms were, they were never good enough for the phone’s Face Unlock to make it as a Class 3 biometric — until the Pixel 8, that is.
Though the Pixel 8 and 8 Pro aren’t Google’s first phones to have a Class 3 Face Unlock, they are Google’s first phones to achieve this without needing dedicated hardware. In contrast, the Pixel 4 needed two IR cameras, a dot projector, a flood illuminator, and a front-facing camera to achieve a Class 3 Face Unlock. While the Pixel 4’s extra hardware made it possible to use it in the dark, it forced the phone to have a huge top bezel to house all those components. A bezel as big as the one in the Pixel 4 wouldn’t fly in 2023, but the Pixel 8’s advanced Face Unlock means we get to have the best of both worlds: secure face unlock and a tiny bezel.
Can we trust Google on the Pixel 8’s face unlock?
There’s been a lot of debate about whether we can trust Google on various aspects of the Pixel 8, but one thing we don’t have to just take their word for is whether the Pixel 8’s Face Unlock is as secure as they say it is. That’s because the metrics that it has to meet in order to be classified as Class 3 are well-defined. Specifically, a Class 3 biometric has to have a Spoof Acceptance Rate (SAR) between 0-7%, a False Acceptance Rate (FAR) of 1/50k or lower, and a False Rejection Rate (FRR) below 10%.
These metrics are actually tested and verified as part of the phone’s process to receive Android certification. Pixel, like every other OEM whose device has a biometric sensor, has to comply with the Biometric Security Program. The Biometric Security Program ensures that OEMs adhere to Google’s criteria and testing requirements.
The Biometric Security Program requires them to submit a Biometric Compliance Report (BCR) either directly to the Android team (self-certified) or through a third-party biometric security lab. The Android team (which is separate from Pixel) then reviews BCRs and even randomly takes samples of devices to test their biometric security; if they detect any abnormal results, the OEM has to either push an update that fixes the issue or downgrade the biometric class.
Either way, these tests are repeatable, and if the Pixel 8’s Face Unlock fails to live up to its classification, then we’ll probably hear about it as it reaches the hands of consumers over the next week.