iAV - Antelope Valley Digital Magazine
Hackers Foil Samsung S8's Iris Recognition Technology Using Only A Photo of An Eye
DONE
By Alexander J Martin, Technology Reporter
The Samsung S8's iris recognition secu- rity feature has been shown to be easily bypassed with "basic tools" by German hackers.
Launched as the technology giant's comeback phone after the disastrous roll-out of the fire-
prone Note 7 hand- set, the S8 was only unveiled back in March and has been available for pur- chase for less than a month.
Among the phone's new features was its iris recognition tech- nology, which would allow users to unlock their phones merely by pointing the camera at their unique iris patterns.
Unfortunately, the security feature can be easily circum- vented, as shown by a team from German hacking collective the Chaos Computer Club (CCC).
Founded in 1981, it is Europe's largest association of hack- ers and is seen as a group of curious technologists rather than cybercriminals.
It describes itself as having spent its existence "providing information about technical and socie- tal issues, such as surveillance, privacy, freedom of informa- tion, hacktivism, data security and many other interest- ing things around technology".
In 2008, the group acquired and pub-
lished the finger- prints of the German Minister of the Interior Wolfgang Schäuble in order to protest the inclusion of fingerprint data in biometric passports. I
ts skepticism towards biometric technologies contin- ues in the video the group has uploaded demonstrating how to foil the iris recog- nition feature only using basic tools.
This is not the time first time hackers from the CCC's bio- metrics taskforce have foiled a new phone's sensors, having shown Apple's Touch ID fin- gerprint recognition could be beaten back in 2015.
They tricked the S8's iris recognition system by using the night mode setting on a standard digital camera, as the sen- sor works with infrared light. The hackers took a pic- ture of their "victim" from a few meters away.
The infrared image
was then printed using a laser printer and a contact lens placed on the print- ed photograph of the infrared image.
When held up to the phone, it was recog- nised as the eye of the person for whom the handset was registered to and unlocked itself.
Speaking to the Guardian, the CCC's spokesperson Dirk Engling said "The security risk to the user from iris recog- nition is even bigger than with finger- prints, as we expose our irises a lot.
"If you value the data on your phone - and possibly want to even use it for payment - using the traditional pin-pro- tection is a safer approach than using body features for authentication."
At the time of publi- cation, Samsung had not responded to requests for com- ment from Sky News.
4
661?266?4?ADS
iAV - Antelope Valley Digital Magazine