Dec 22, 2024 | Updated: 11:35 AM EDT

Samsung Galaxy S8 Iris Scanner Shows Vulnerability Using Photo & Contact Lens

May 25, 2017 04:49 PM EDT

Another vulnerability of the security feature of the Samsung Galaxy S8 was discovered by researchers at Chaos Computer Club. The flagship could be tricked that the owner of the smartphone can access the device even if it is just the photo of the eye that was used. It is similar to the device’s facial recognition technology that was fooled by a picture.

To find out if the Galaxy S8’s Iris Scanner could be hacked, the researchers registered a volunteer’s eyes using the feature of the flagship to set up the device’s security, BBC reports. They photographed one of the eyes of the volunteer using a digital camera with an infra-red night vision setting.

The researchers printed the photo and placed a contact lens over the image. When the Galaxy S8’s Iris Scanner saw the fake eye, the device unlocked. Samsung says it is aware of the vulnerability but points out that the technology went through rigorous testing to prevent attempts to compromise the device’s security. The Seoul-based tech giant adds if there is a potential vulnerability or a new method challenges its efforts to ensure the phone’s security at any time, Samsung will respond as quickly as possible to resolve the matter.

The Chaos Computer Club, a hacker group in Europe, published how it managed to expose the vulnerability of the Galaxy S8’s Iris Scanner. It also posted a video clip of the hack, The Next Web reports. Dirk Engling, the spokesperson of the club, points out that the iris recognition technology has a bigger security risk than fingerprint technology because people expose their irises a lot of times. He suggested using the traditional PIN is a safer security method than body features for authentication of identity, The Guardian reports.

Ken Munro, a security expert, agrees with Engling. He adds that fingerprints are preferably better to unlock a device than use the Iris Scanner of devices such as the Galaxy S8. Munro points out that the fingers are already holding the phone, so the device could use prints of the iris rather than wave the smartphone if front of the face.

Real Time Analytics