Samsung has insisted that the Galaxy S8’s iris scanner cannot be fooled easily in the real world. Its statement comes after a video showing the scanner being unlocked by a dummy eye surfaced earlier this week.
The Galaxy S8 isn’t the first Samsung smartphone to carry an iris scanner — that title goes to the Galaxy Note 7. But it is the most popular iris-scanning handset on the market today, which means its new biometric security feature is getting a lot of attention. The vast majority of that is positive, but not all of it.
This week, Chaos Computer Club, a group of German researchers, released a video that shows the Galaxy S8 being unlocked with a dummy eye. It was made using a photo captured by an infrared camera, which then had contact lenses placed on top of it to mimic the curvature of an eye. When the image was held up to the phone, it was successfully unlocked.
“Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris,” said Dirk Engling, CCC spokesman. “If you value the data on your phone — and possibly want to even use it for payment — using the traditional pin protection is a safer approach than using body features for authentication.”
Samsung disagrees, and insists it is very difficult to replicate this hack in reality.
“Although the one-minute video (that shows the sensor being fooled with a dummy eye) appears simple, it is hard to see that happening in real life,” a Samsung spokesperson told The Korea Herald. “You need a camera that can capture infrared light (used in the video), which is no longer available in the market. Also, you need to take a photo of the owner’s iris and steal his smartphone. It is difficult for the whole scenario to happen in reality.”
Samsung certainly makes a good point. It might be relatively easy for someone to steal your smartphone, but how likely is it that they will also be able to capture a high-resolution image of your irises in the process? And let’s not forget that fingerprint scanners have been fooled just as easily with the right technology. Nothing is completely unbreakable.
Iris scanning is “one of the safest ways to keep your phone locked,” Samsung added, with iris patterns “virtually impossible to replicate.”