Wednesday 24 May 2017

Samsung Galaxy S8 Iris Scanner Hacked Using Contact Lens

Samsung Galaxy S8

The Samsung Galaxy S8’s iris scanner has been tricked by a group of hackers.

The South Korean company has made a big deal about the handset’s iris scanner, which is supposed to be a highly secure and convenient way to unlock the S8 and authenticate payments.

However, Chaos Computer Club, a German hacking collective that has also conquered the iPhone’s TouchID fingerprint sensor, has fooled the system with a dummy eye.

The group managed to unlock an S8 using a picture of the owner’s eye with a contact lens placed on top of it, to mimic the curvature of a physical eyeball.

“If you value the data on your phone – and possibly want to even use it for payment – using the traditional pin-protection is a safer approach than using body features for authentication,” said Dirk Engling, Chaos Computer Club’s spokesperson.

“The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot. Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.”

According to the hackers, you can dupe the iris scanner with a picture taken from social media sites, but digital photographs taken in night mode work best.

They also took the opportunity to have some more fun at Samsung's expense, claiming: “Ironically, we got the best results with laser printers made by Samsung.”

While the Galaxy S8 is a highly impressive device, the poor placement and design of its fingerprint sensor damages the user experience significantly.

It’s small, shallow, difficult to reach and positioned right next to the camera lens. Unfortunately, the high-tech alternatives aren’t perfect either.

The iris scanner fails on a regular basis, as it struggles to work in bright light and when you’re moving. The phone’s facial recognition system, meanwhile, was tricked by a photograph almost immediately after launch.

That leaves the PIN as the most reliable way of unlocking the phone. Unfortunately, according to a recent study, PIN codes can be exposed simply by watching how a phone moves when it is being held.



Etiam at libero iaculis, mollis justo non, blandit augue. Vestibulum sit amet sodales est, a lacinia ex. Suspendisse vel enim sagittis, volutpat sem eget, condimentum sem.