A German hacking club was able to gain access to Galaxy S8 device by bypassing the iris scanner.Chaos Computer Club completed the hack by taking a photo of a target from about 15 feet.
The group took that photo, zoomed in on the target’s eye and printed the image with a laser printer made, fittingly, by Samsung.
Finally, the group took the printout of the eye and placed it atop the surface of the contact lens to replicate the curvature of an actual eyeball. When the makeshift eye was held up to the Samsung smartphone, the device unlocked as if the owner was looking into the iris scanner.
The by far most expensive part of the iris biometry hack was the purchase of the Galaxy S8 smartphone, the group said in a blog post.
The security risk to the user from iris recognition is even bigger than with fingerprints as we expose our irises a lot,” said Dirk Engling, the spokesman for Chaos Computer Club. “Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.
Biometrics have moved outside of mobile devices and are being embedded into laptops and MacBooks. Facial recognition tools are also being experimented but companies like Samsung and Hp, this will help use log into their PC by looking at the device camera.
As this method of authentication is being implemented on gadgets, it’s important that precautions are taken to protect user biometric data from being hacked.