The Galaxy S8 Iris Scanner Is Easily Hacked


Biometrics aren't necessarily hack proof.

Biometrics on smartphones are considered by some to be a more secure replacement to the user error-riddled password.

And while passwords have their flaws, biometric locks are certainly not hack proof. That includes the Samsung Galaxy S8, which is the first flagship smartphone with iris recognition.

Recently, a security researcher at the Chaos Computer Club in Berlin broke the iris scanner and unlocked the device, demonstrating its vulnerability.

The researcher used a camera, a contact lens and a printer. To start, the researcher used the digital camera to take a medium-range photo of the subject's eyes in night-mode, then printed that image in infrared. The hackers then placed a contact lens on top of the picture, and that was enough to fool the iris-scanner.

This method of hacking into the phone certainly requires first-person contact with the user and his or her smartphone, meaning, a random hacker on the other side of the world isn't going to attempt this. But demonstrating this vulnerability does show nothing is hack proof and devices advertised as such often aren't.