Samsung Galaxy S8 Iris Scanner Hacked


Samsung touts iris scanning as a strong security feature of its new Galaxy S8 and Galaxy S8+ flagship smartphones but it’s far from perfect. As it turns out, it’s relatively easy to hack the Galaxy S8’s iris scanner and gain access to a device that’s secured using this method. A security researcher from the Chaos Computer Club in Berlin was able to trick the Galaxy S8’s iris scanner to gain access to a device that was locked.

Chaos Computer Club’s Jan Krissler was able to hack the Galaxy S8’s iris scanner by using a camera, contact lens, and a printer. He used a Sony digital camera with the night mode setting to take an image of his friend’s eye. He then printed out a life-size image of the eye and glued it on a contact lens to provide depth.

That’s all that he needed to do to get into the device as the iris scanner picked it up as the correct iris and immediately unlocked the phone. He even had access to Samsung Pay, Samsung’s mobile payment service, which can be configured to use iris scanning for payment authorization.

That being said, this method does require the person wishing to access the device to have a clear photo of the eyeball, but Krissler mentions that this method works even if the picture has been taken from up to 15 feet away.

Samsung has issued a statement saying that it’s aware of the issue and that “the iris scanning technology in the Galaxy S8 has been developed through rigorous testing to provide a high level of accuracy and prevent attempts to compromise its security, such as images of a person’s iris.”

The company also says that if there is a potential vulnerability or a new method to challenge the security, it will response “as quickly as possible” to resolve the issue.

Of course, this is not an easy hack that can be done remotely and it’s unlikely to be done randomly since it requires accessing your phone, and being close enough for a clear eye photo.  However, it does prove that nothing is unbreakable, especially when some level of convenience is expected from the system.

If you are worried about this, you can move critical data and apps to the Samsung Vault app, which adds one more layers which is protected by a optionally strong password. It’s not convenient, but the hackers might take a while to crack that one, even if they lift your eye photo or fingerprint.

You May Also Like

Related Articles on Ubergizmo

Popular Right Now

Exit mobile version

Discover more from Ubergizmo

Subscribe now to keep reading and get access to the full archive.

Continue reading

Exit mobile version