Samsung’s new Galaxy S8 smartphone features a iris-recognition which as per the company is the latest security feature which is defense-grade security stands guard around the clock. But it has been defeated by German hackers, less than a month after it hit shelves around the world.
Chaos Computer Club, a German hacking collective, has fooled the system with a dummy eye. The group managed to unlock an S8 using a picture of the owner’s eye with a contact lens placed on top of it, to mimic the curvature of a physical eyeball. German hackers said the iris scanner can be duped with a picture taken from social media sites, but digital photographs taken in night mode work best. They also had some fun at Samsung’s expense, claiming: “Ironically, we got the best results with laser printers made by Samsung.“
They pulled it off by taking a photo of the target from about five meters away, and printing a close-up of the eye on a laser printer made by Samsung, no less. A regular contact lens was placed on top of the print to replicate the curve of an eyeball. When the print was held up to the smartphone, the S8 unlocked.
“The security risk to the user from iris recognition is even bigger than with fingerprints as we expose our irises a lot,” said Dirk Engling, spokesperson for the group, which previously hacked the iPhone 5S fingerprint sensor using photos of a glass surface. “Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.” Hope Samsung works on the fixing this issue so that user could feel safer.