Saturday, Jun 24, 2017 | Last Update : 09:05 PM IST

Hackers break Samsung Galaxy S8’s strong iris scanning security with great ease

THE ASIAN AGE
Published : May 24, 2017, 10:07 am IST
Updated : May 24, 2017, 10:08 am IST

Iris scanning was expensive and was used in higher security zones such as high profile offices and alike.

The hack was performed using an infrared photo of the eye with a simple contact lens over it.
 The hack was performed using an infrared photo of the eye with a simple contact lens over it.

When fingerprint scanners were launched, they were one of the most secure methods of security since they could not be replicated easily. However, the security was short-lived and fingerprint scanners can now be easily hacked with simply a household stuff — glue. While fingerprint, pattern, passwords and PIN codes are not safe anymore, the next form of biometrics security came in as iris scanning. Similar to fingerprints, iris scanning is completely unique and cannot be replicated. The method also required the iris to be lit up using an infrared light source.

Iris scanning was expensive and was used in higher security zones such as high profile offices and alike. However, since technology gets cheaper over the years, the iris scanning technology has managed to come down to handheld devices and smartphones. Nokia was the first to place an iris scanner on one of their smartphones, and now Samsung has put the same on one of its tablets and now its flagship smartphones Galaxy S8 and Galaxy S8+ have them as a norm.

Iris scanning was known to be unbreakable, until a group of German hackers who go by the name Chaos Computer Club have managed to get a breakthrough. All it took them is a simple point and shoot camera, a laser printer and a contact lens to get through Samsung’s iris scanning security. The only expensive investment to get the hack working, they said, was the Galaxy S8 purchase.

The hacking was made simply by a few tricks. They pulled it off taking a high-resolution photo, in night mode, of the target from around 5 metres away and printed a closeup of the eye in a laser printer. They then placed a regular contact lens on the eyeball to replicate a real eyeball. When the print was placed in front of the phone, it unlocked.

What is worrisome here is that fingerprint biometrics still needs a physical finger to unlock. In case of an iris scanning, one can simply click a photo from far away and get past your security with ease.

With increasing payment gateways accepting the smartphone as a mode of payment, security is the most important factor here. However, with one of the most secure (iris) scanning modes till date shown easily broken, it is difficult to say that your smartphones are completely safe.

Watch the video below where the hackers have demonstrated how they broke into the iris scanning security with a mere photo and a contact lens.

 (source)

Tags: samsung, iris scanner, security, hacking, privacy