Samsung’s Galaxy S8 and S8 Plus have both IRIS and Facial Recognition features, making it easier for users to unlock their smartphone and signing into websites. But, we have seen a number of hacks involving Biometric security systems in the past, which prove that fingerprint scanner and IRIS scanner are less secure than a passcode and can be fooled by anyone, perhaps, using a photograph of the user. YouTube vlogger iDeviceHelp posted a video on his channel, in which he demonstrated that unlocking a phone is as simple as getting the device owner’s picture from Facebook.
Source: https://thehackernews.com/2017/03/samsung-galaxy-s8-facial-unlocking.html