Samsung Galaxy S8 iris scanner hacked using contact lens
There are also serious issues with the handset's fingerprint sensor
The Samsung Galaxy S8’s iris scanner has been tricked by a group of hackers.
The South Korean company has made a big deal about the handset’s iris scanner, which is supposed to be a highly secure and convenient way to unlock the S8 and authenticate payments.
However, Chaos Computer Club, a German hacking collective that has also conquered the iPhone’s TouchID fingerprint sensor, has fooled the system with a dummy eye.
Samsung Galaxy S8
Show all 10The group managed to unlock an S8 using a picture of the owner’s eye with a contact lens placed on top of it, to mimic the curvature of a physical eyeball.
“If you value the data on your phone – and possibly want to even use it for payment – using the traditional pin-protection is a safer approach than using body features for authentication,” said Dirk Engling, Chaos Computer Club’s spokesperson.
“The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot. Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.”
According to the hackers, you can dupe the iris scanner with a picture taken from social media sites, but digital photographs taken in night mode work best.
They also took the opportunity to have some more fun at Samsung's expense, claiming: “Ironically, we got the best results with laser printers made by Samsung.”
While the Galaxy S8 is a highly impressive device, the poor placement and design of its fingerprint sensor damages the user experience significantly.
It’s small, shallow, difficult to reach and positioned right next to the camera lens. Unfortunately, the high-tech alternatives aren’t perfect either.
The iris scanner fails on a regular basis, as it struggles to work in bright light and when you’re moving. The phone’s facial recognition system, meanwhile, was tricked by a photograph almost immediately after launch.
That leaves the PIN as the most reliable way of unlocking the phone. Unfortunately, according to a recent study, PIN codes can be exposed simply by watching how a phone moves when it is being held.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments