The iris recognition of Galaxy S8 may not be secure, after all, coming from a group of hackers that has already confirmed their discovery. Since the release of Samsung’s newest flagship in April, it has already gained the appreciation of reviewers all over the world because of its unique features and software upgrades. However, the use of the Galaxy S8‘s biometric authentication through its iris scanner is now facing doubts for the user’s security. With unexpected help from Chaos Computer Club (CCC), these group of hackers eventually unlocked what Samsung claims to be its “security promise.”
Samsung has entrusted their precious flagship, the Galaxy S8 to Princeton Identity, Inc. for the manufacture of its iris scanner. Princeton Identity, Inc. has made this revolutionary way of biometric authentication by using infrared illumination to detect the involuted structures of the iris. The process needs to have an accurate capture through video camera technology, from which the researchers of CCC may have gotten the idea. In a statement from CCC spokesperson Dirk Engling, using the iris scanner feature to use as identification may not be the safest way as compared to the standard inputting of PIN. In a video shared by Chaos Computer Club, a mere dummy-eye was used to replace the true owner of the eye.
The researchers of Chaos Computer Club took a picture of the owner’s iris using a digital camera and in order to capture the details of the iris, the infrared light spectrum was used. This filter, if removed, has the answer to hack the owner’s iris, even in a distance of five meters using a 200mm lens, considering all aspects of brightness, contrast and picture quality. If a clear picture was achieved, then the security of the owner’s identity is already compromised.
The technology of biometric solution has already captured the demands of convenience in the modern day gadget user, even airports and border crossings have embraced its utilization. However, Chaos Computer Club has already forewarned the public when they have unlocked the fingerprint recognition of the iPhone’s Touch ID. Nowadays, people rely on their transactions online, even to the most delicate of them all, purchasing and banking. As Samsung introduces its “Samsung Pay”, using the iris recognition for owner authentication will endanger the confidentiality of its users and may result to easy phishing of data. The challenge will be for companies like Apple and others to break away from the broken commitment of security that the hackers have already unlocked.