Samsung Android must be configured to disable Face Recognition. NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product Common Criteria evaluation.
An XCCDF Rule
Description
<VulnDiscussion>The fingerprint reader can be used to authenticate the user in order to unlock the mobile device. At this time, no mobile device biometric reader has been evaluated as meeting the security requirements of the MDFPP or been approved for DoD use on mobile devices. This technology could allow unauthorized users to have access to DoD sensitive data if compromised. By not permitting the use of non-password authentication mechanisms, users are forced to use passcodes that meet DoD passcode requirements. SFR ID: FMT_SMF_EXT.1.1 #23, FIA_UAU.5.1</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-230984r607691_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the Samsung Android to disable Face Recognition.
On the management tool, in the device restrictions section, set "Face" to "Disable".