Hackers reportedly bypass Samsung Galaxy S8's 'airtight' iris scanner
Hackers have once again proved there's no such thing as true security for your phone.
Researchers at the Chaos Computer Club (via Motherboard) claim to have bypassed the iris scanner on Samsung's Galaxy S8 using a simple photo of a person's iris and an ordinary contact lens.
SEE ALSO:Watch how far Samsung's Galaxy S8 has evolved from the original Galaxy SSamsung's "airtight" (the company's word, not mine) iris scanner is included on the Galaxy S8 as an alternative form of biometric security in addition to the built-in fingerprint sensor.
Galaxy S8 users can choose to set up the iris scanner, which is more secure than the face recognition, to unlock the phone or authenticate Samsung Pay mobile payments.
The biggest advantage to using an iris scanner compared to face recognition is that ordinary photos usually can't fool it. An ordinary photo doesn't contain the unique patterns in a person's eyes that can only be seen with an infrared sensor.
That's exactly why the CCC didn't use an ordinary photo to trick the S8's iris scanner.
For its hack, the CCC used a "good digital camera with 200mm-lens at a distance of up to five meters" to take a photo of a person's eye. The camera was switched to its "night mode" in order to capture the iris' patterns.
The image of the iris was then printed on a laser printer (ironically, a Samsung one) and a contact lens was placed on top to give it depth.
CCC registered a person's iris on the S8 and then tested the fake iris. Lo and behold, it worked and the phone unlocked.
BUT... as simple as the hack sounds, it still requires some trial and error. CCC even says as much (emphasis mine):
Depending on the picture quality, brightness and contrast might need to be adjusted. If all structures are well visible, the iris picture is printed on a laser printer.
How many images -- adjusted for image quality, brightness, contrast, etc. -- were tested before they got one that worked? I reached out to CCC on Twitter for more details.
CCC's Jan Krissler (aka "starbug") told me over direct message they tested three printers, printing five to ten variations per printer, before they got a positive with a Samsung laser printer. The printout of the iris worked out to "80 pixel iris diameter."
"The Samsung model was a standard consumer product, around 250 Euro. We tested multiple prints on multiple kinds of paper. All of them worked. It worked instantly after we found the working printer."
The iris scanner hack isn't unlike the many fingerprint sensor hacks we've seen over the years. It looks easy enough, but the probability of it happening is unlikely. How many people have photos of their eyes, captured with night mode, floating around on the web? (Again, your regular selfies won't fool the iris scanner.)
As proof-of-concept, yes it works. But the same goes for breaking open your home's door lock or car door. It's possible, and anyone who really wants to gain access could jump through these hoops to get into your phone, but is it a reason to live in fear or not buy this phone? Not at all.
We reached out to Samsung for official comment on the hack and received the following:
"We are aware of the issue, but we would like to assure our customers that the iris scanning technology in the Galaxy S8 has been developed through rigorous testing to provide a high level of accuracy and prevent attempts to compromise its security, such as images of a person’s iris. If there is a potential vulnerability or the advent of a new method that challenges our efforts to ensure security at any time, we will respond as quickly as possible to resolve the issue."
Featured Video For You
Hands on with Samsung's Galaxy S8
-
Why Kamala Harris triggers Donald Trump so intensely.DeepMind's AI helps confine plasma for nuclear fusion researchNetflix's 'On My Block' Season 3 finale: Why the show should end nowKim calls for unity with China against 'hostile forces'Spate of defections show Kim JongMonaco held as French Ligue 1 season kicks off创放心舒心消费城市 营造和谐消费环境M.I.T. cuts ties with Huawei, ZTE over U.S. investigationsCourting DisasterFacebook stored passwords in plain text for hundreds of millions of users
下一篇:14 Heists, Robberies, and Other Great Capers
- ·25 Years Later: A Brief Analysis of GPU Processing Efficiency
- ·掌上智慧医院 让就医更轻松
- ·Twitter makes it easier to appeal decisions about bad behavior
- ·Amprius ships first batch of "world's highest density" batteries
- ·全国土壤普查办抽验组到广东开展土壤普查质量抽验
- ·'No Time To Die' release delayed until November due to coronavirus
- ·Chinese ambassador calls S. Korea
- ·'No Time To Die' release delayed until November due to coronavirus
- ·Europe now has a huge AI gap, for better or for worse
- ·Apple announces news subscription service, Apple News Plus
- ·结合政协工作实际开展“大学习、大讨论、大调研”活动
- ·Twitter vows to make itself less spammy with new policy change
- ·Cyrix: Gone But Not Forgotten
- ·Tom Hanks and Rita Wilson test positive for coronavirus
- ·"Molecular glue" strengthens the weak point in perovskite solar cells
- ·清远连山举办丝苗米机插育秧及高产栽培技术培训活动
- ·科创筑梦树立远大志向 蓄势赋能培养科技人才
- ·How Zuckerberg thinks Facebook should be regulated: A brief guide
- ·Modular building facade heats and cools rooms with solar power
- ·The FTC just came down hard on those annoying robocall operations
- ·How to trademark your TikTok phrase and protect your brand
- ·新品种20个,产量超200倍,海水鱼还有多大想象空间?首席专家这样说丨芯时代 最强音
- ·Best and worst April Fools jokes from big tech companies in 2019
- ·Amazon Go stores start accepting cash amid backlash against cash
- ·Update your BIOS: Utilities from Top Motherboard Makers
- ·Facebook will use AI to stop suggesting you invite dead friends to events
- ·优化广东优质农产品产销资源对接!“农友圈”又有新动作
- ·Witness Bernie Sanders' very relatable clothes chair
- ·Looking to prevent coronavirus? Stop touching your face.
- ·Messi leaves Barca due to financial constraint: club statement
- ·Norris stuns Verstappen at Dutch GP
- ·The 'Godfathers of AI' win Turing Award
- ·Church puts their nativity scene in a cage to protest Trump's immigration policies
- ·上汽大众全新朗逸到店 新车预定现已启动
- ·两个改造提升项目进入收尾阶段
- ·World's 2nd