Samsung Galaxy S8 Security News: Hackers Reveal Iris Scanner Can Be Tricked With Fake Photos
A European hackers association called Chaos Computer Club revealed recently that they were able to trick Samsung Galaxy S8's iris scanner by using a fake photo.
CCC recently revealed that it was able to "trick" the Galaxy S8's iris scanner with a simple dummy-eye, as it said: "The phone can be fooled into believing that it sees the eye of the legitimate owner."
The Galaxy S8 has two types of security scanners. It has the typical fingerprint scanner, while its front-facing camera also acts as a sensor that was advertised to distinguish the owner's iris from others since humans have particular iris patterns just like fingerprints.
With that, the iris scanner on the Galaxy S8 is expected to add another layer of security on the smartphone by using particular biometric identification. However, CCC claimed that the Galaxy S8's iris scanner, just like other biometric authentication systems "don't deliver on their security promise."
CCC said that even against strangers who may be trying to illegally access a Galaxy S8, the device's security features can be "barely sufficient." The company added, "But whoever has a photo of the legitimate owner can trivially unlock the phone."
According to the hacker group's spokesperson, Dirk Engling, "If you value the data on your phone – and possibly want to even use it for payment – using the traditional PIN-protection is a safer approach than using body features for authentication."
The group then pointed out that Samsung has also announced the integration of the iris scanner features and Samsung Pay functions, which raised the security risk even more, given its vulnerability.
Meanwhile, in a statement they sent to Gizmodo, Samsung responded to the issue and said they have been made aware of the issue. The company explained, "But we would like to assure our customers that the iris scanning technology in the Galaxy S8 has been developed through rigorous testing to provide a high level of accuracy and prevent attempts to compromise its security, such as images of a person's iris."
Samsung added that they will address any potential vulnerability as quickly as possible.