Skip to content

Samsung Android must be configured to disable authentication mechanisms providing user access to protected data other than a Password Authentication Factor: Face recognition.

An XCCDF Rule

Description

<VulnDiscussion>The biometric factor can be used to authenticate the user to unlock the mobile device. Unapproved/evaluated biometric mechanisms could allow unauthorized users to have access to DOD sensitive data if compromised. By not permitting the use of unapproved/evaluated biometric authentication mechanisms, this risk is mitigated. SFR ID: FMT_SMF_EXT.1.1 #22, FIA_UAU.5.1</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-260445r953770_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Note: This requirement is not applicable for specific biometric authentication factors included in the product's Common Criteria evaluation.

Configure the Samsung Android devices to disable Face Recognition.

On the management tool, in the device restrictions, set "Face Recognition" to "Disable".