The flaw that grants access to the Amazon Prime exclusive Lenovo Moto G5 without authentication isn’t a flaw at all, according to the online retailer.
Amazon Prime members can pick up mobile handsets at a discount, as long as they can deal with the lock-screen ads that will appear on the phone in return. It was through one of these ads on the Moto G5 plus that users noticed the alleged security flaw on the handset. Tapping on a lock-screen ad reportedly bypasses the lock screen altogether, opening up Chrome and leaving the phone vulnerable to malicious use.
Amazon has responded, saying the lock screen is only bypassed because of the universal Android feature Smart Lock, which works through body detection so it recognizes that the handset is in motion and that is why the screen unlocks.
Reddit users have investigated the function and found that it only happens if the phone has’t been locked in the first place, and after 30 seconds the handset will go into full secure mode.
Smart Lock should not be automatically enabled on the Moto G5, so the easiest way to fix the “flaw” is to disable the function.