Hackers Expose Galaxy S8's Iris Scanner Security, Samsung Investigates Issue
The European hacker community "Chaos Computer Club" on Wednesday published a video showing a purported security hole in the iris scanner of Samsung's Galaxy S8 smartphone.
The video named "Circumventing the Samsung Galaxy S8 Iris Scanner" shows Samsung's latest flagship smartphone being fooled by an image of an iris with a contact lens placed over it.
In the video, the fake iris is produced by taking a photo of a person's eye with a digital camera in night mode. A contact lens was placed on the printed image to match the curvature of the lens of an actual eye.
"Iris recognition may protect a phone against complete strangers unlocking it, but whoever has a photo of the legitimate owner can trivially unlock the phone," said Chaos Computer Club (CCC) spokesperson Dirk Engling. "If you value the data on your phone - and possibly want to even use it for payment - using a traditional PIN is a safer approach."
Samsung said that it was aware of the issue, but did not provide any solution. The company tried to assure that the iris scanning technology in the Galaxy S8 has been developed through "rigorous testing to provide a high level of accuracy and prevent attempts to compromise its security, such as images of a person's iris."
The South Korean tech giant has been keeping a watchful eye on several reported technical issues -- including reports of excessively red-tinted displays and claims of spotty WiFi networks -- especially as the production of the Galaxy Note 7 phablet was suspended last year over safety issues with its battery.