Wednesday, 24 May 2017
Samsung Galaxy S8's iris recognition software can be fooled
The Galaxy S8 comes with an iris scanner, which Samsung claims is on of the safest ways to unlock your device and private contents. But hackers have already figured out how the iris recognition software can be easily bypassed with a simple technique.
German based Members of the Chaos Computers Club (CCC), were able to unlock the Galaxy S8 using a photo that carried its registered iris.
To make one, the hacker took photo of Galaxy S8 owner's eye in Night Mode from a medium distance and printed them on a paper using Laser printer. Then they placed a contact lens on top of the eyeball in the printed image, which replicated the curved structure of a real eyeball. This technique ended up fooling Galaxy S8's iris recognition software, and unlocked the device. The group also shared a video showing how this is done.
“The security risk to the user from iris recognition is even bigger than with fingerprints as we expose our irises a lot. Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.” said Dirk Engling CCC member and biometrics security researcher.
This means anyone who posts their photos online with iris details visible and has an Galaxy S8 and using iris recognition as biometric option, is giving hackers a backdoor to unlock their device and get access to personal data.
“If you value the data on your phone – and possibly want to even use it for payment – using the traditional PIN-protection is a safer approach than using body features for authentication,” Engling added
It's worth mentioning that an almost similar technique was used to fool Galaxy S8 face recognition unlocking system
Meanwhile, Samsung said it is aware of the report and is investigating the Iris scanner hack on the Galaxy S8.
Source
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment