Chaos Computer Club fools iris scanner Samsung Galaxy S8 with photo
Hackers from the German Chaos Computer Club have shown that it is possible to unlock a Samsung Galaxy S8 smartphone by holding a photo of an eye in front of the iris scanner. The photo must have been taken in a certain way.
In a message, the CCC writes that its researchers have determined that it is possible to take the photo at a maximum distance of five meters from the face of the person being photographed. They used a digital camera with a 200mm lens in night shot mode, which brings out the details of the iris more clearly. By then printing the photo with a Samsung laser printer and placing a contact lens over the iris, it is possible to access the device via the iris scanner. The CCC reports that the most expensive part of the method was the purchase of the phone and that the method is in principle also possible with a high-resolution photo from the internet. The organization has released a video of its findings.
Earlier it appeared that the facial recognition of the S8 can be fooled with a selfie. Samsung responded to the news at the time, saying: “It is important to emphasize that facial recognition, while convenient, can only be used to unlock the Galaxy S8 and cannot be used to access Samsung Pay or the Secure Folder.” However, that is different when it comes to the iris scanner. About this, Samsung said in the same message: “The Galaxy S8 provides various forms of biometric security with the highest security level, including the iris scanner and fingerprint scanner.” The manufacturer thus suggests that the iris scanner offers a higher level of security.