On Oreo, biometrics can be used and stored only with a secure screen lock

Home / News / On Oreo, biometrics can be used and stored only with a secure screen lock

With Android 8.0 Oreo, a big change is in order as far as biometrics on a Samsung device are concerned. Thanks to new compatibility rules implemented by Google in the latest version of Android, owners of Samsung devices will not be able to store their fingerprint, iris, or facial recognition data unless they use a secure screen lock such as a pattern, PIN, or password. Right now, if you switch back to an unsecured screen lock after adding your iris, face, or fingerprint, you can choose to keep and use biometrics inside Samsung Pay, Samsung Pass, and other apps and features that support them. With Oreo, that will not be possible.

Secure screen lock a must to keep biometric data on Oreo

The information comes from a document we have obtained, and indeed, we tested it out on a Galaxy S8+ running the Oreo beta and were able to confirm it. This doesn’t apply to those who are already using an insecure screen lock (‘swipe to unlock’, or the ‘none’ option that keeps the phone unlocked and skips the lock screen altogether) while having biometrics enabled for apps before they upgrade to Oreo. But switching back to an insecure screen lock on a device running Oreo after biometrics have been added will delete all biometric data. No option will be offered for keeping that data, as is the case on Nougat.

What does this mean? It means that should you want to use biometrics inside apps and features such as Samsung Pay or Samsung Pass, you must use a pattern or PIN to lock the device. It’s a good security measure, although it will be inconvenient for those of us who don’t prefer using biometrics to unlock their phone (yes, we do exist). Sadly, Samsung cannot skirt this rule as it is a part of the Android Compatibility Definition Document (CDD), which every manufacturer has to adhere to if it wants its devices to run Google’s apps and services.

The only way then, as mentioned above, is to make sure you have already set the screen lock type (in Settings » Lock screen and security) to swipe or none and saved your biometrics before you upgrade to Oreo. Thankfully, the Oreo update is still yet to arrive on any Samsung device, so you can go in prepared when the update hits. Well, unless you installed the Oreo beta on the Galaxy S8 or Galaxy S8+ without knowing about the new rule (which would be all of us), in which case you’re doomed to keeping your phone locked with a pattern, PIN, or password if you want to authenticate inside apps via iris, fingerprint, or facial recognition.

Are you among those users who keep their phone unlocked while using biometrics for other functionality? Tell us how you feel about the policy change on Android 8.0 Oreo.

Related: What’s New With Android 8.0 Oreo

Phones 11
Related newsLatest news
11 Comments

Leave a Reply

2 months 8 minutes ago
Reymund Manaog
So I could not use my biometrics now because I don’t have a screen lock? No more biometrics unlocking for Secure Folder, No more biometrics for paying on the google play store, No more biometrics for using samsung pass, and lastly no more biometrics for using samsung pay because they’re disabled unless the user placed a screen lock. Samsung why? You’re all about options! Why forcing your users to do what you want. If I only knew upgrading my device to Oreo will be this headache, I should just stayed on Nougat. Bring it back Samsung, I thought your slogan… Read more »
3 months 20 days ago
John Luttrell

Makes no difference Samsung are so slow with updates it’ll have changed by the time oreo reaches my S7 #sadbuttrue

A2theC
3 months 20 days ago
A2theC

From my experience this was implemented with nougat. Depending on the carrier (or unlocked) I suppose this may have had other options, I’ve had to remove my biometrics when changing between secure and insecure beyond android 6 on my S6 S7 Note7 S8 Note8 each have required me to have secure lock screen to use biometrics. I’ve loved Samsung Pay since my S6edge years ago, I’ve acutally abandoned root and (system level) mods to keep Knox fuse 0x0 and had this requirement ever since nougat to keep my finger/iris option installed.

dudeman456
3 months 21 days ago
dudeman456

This is Google’s move to further Google/Android Pay. Samsung’s position on this has been a hindrance to Google/Android Pay.

Biransahin
3 months 21 days ago
Biransahin

So, There isn’t any change at all unless you don’t use secure unlock which I assume just about everyone does. Those who prefer not to use bio-metrics should really think about the security of their devices. At least Google is trying to protect those dumb enough not to use it.

siddhant11911
3 months 21 days ago
siddhant11911

Tbh.. secure lockscreen should be mandatory

dudeman456
3 months 21 days ago
dudeman456

I don’t know a single person that uses it. Then again we don’t hang out around people we don’t trust. I use the fingerprint feature for payments.

2 months 25 minutes ago
Reymund Manaog
I wonder why you calling these people who doesn’t use screen lock, dumb. I had screen lock for many years but I realize turning it off is way more convenient than aligning your face properly to use your irises or covering the entire reader with your finger because the fingerprint reader demands more time. I mean, what are you getting scared about? If you lost your phone, immediately access your phone through Googles’s Find My Phone feature to place a screenlock and a lockscreen message that it was a stolen phone. Or if you’re still not contented, the feature has… Read more »
Top