Want to share with your friends too?

Science
24 May 2017

Samsung S8 Iris scanner is great, but it's not hack-proof

Samsung S8 iris scanner unlocked by simple hack

While phone makers have been touting iris-based recognition as the next big leap in phone security, a recent development proves that we are yet to come up with an iris-scanning system that can't be easily fooled.

Hackers affiliated to Chaos Computer Club in Germany recently showed how easy it is to bypass the Galaxy S8's iris scanner.

Here's all that you need to know.

In context

Samsung S8 iris scanner unlocked by simple hack
Just basic DIY would do

Hack

Just basic DIY would do

The hackers in the video took a picture of the person, whose Samsung S8 they intended to hack using the night mode option in the digital camera, as the iris-scanners use infrared for detection.

One doesn't even need to be close, any image taken from a medium distance will be enough to fool Samsung S8 iris scanner and then the hacking begins.

Printed eye

Print it and you are done

Now a printout of the image was taken and a contact lens was placed on it.

All that was left to do was point it at the Samsung S8's cutting edge iris-scanner, which ended up recognizing the printed image as the original eye.

The hackers said that this simple trick can be performed even by using the Samsung S8 owner's social media pictures.

Love Tech news?

Stay updated with the latest happenings.

Notify Me

All in a day's work

Idea

All in a day's work

Linus Neumann, one of the hackers, who appears in the video said to Motherboard that it took them, "about a day of experimenting until the idea came up to use a contact lens. Then, a little charade of printers until it turned out that the Samsung printer provided the most reliable prints."

What took years to perfect was squashed in a day's work.

Issue

Virtually impossible? Not anymore

Samsung's website says, "The patterns in your irises are unique to you and are virtually impossible to replicate, meaning iris authentication is one of the safest ways to keep your phone locked and the contents private," however, it probably didn't account for the fact that a simple hack could fool its "safest ways."

The firm told BBC that they were "aware of the issue."

Sometimes, the old ways are the best

Phone

Sometimes, the old ways are the best

The group's spokesperson, Dirk Engling said to The Guardian, "The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot."

Moreover, "If you value the data on your phone - and possibly want to even use it for payment - using traditional pin-protection is a safer approach than using body features for authentication."

Ask NewsBytes
User Image

Next Timeline