This high-tech security is in the eye of the beholder—unfortunately some of those beholders are hackers.
The iris scanner on the Galaxy S8, Samsung’s latest smartphone, can be easily tricked using a printed photo. The hack, reported Tuesday, comes on a biometric measure that the company touted as 100 times more secure than a fingerprint scanner.
But all that’s needed to bypass that security is an infrared photo of someone’s eyes, because the iris scanner uses infrared light. Perhaps even more concerning, the photo doesn’t need to be taken a close range, in the demonstration someone sitting at an inconspicuous distance snaps the picture—and the hack still works.
The technique first discovered by Jan Krissler, a hacker that goes by the pseudonym Starbug. In the video below, he simply prints out the photo and place a contact lens over the eye to give the Galaxy camera the illusion of a curved eyeball.
It’s so rudimentary it seems like it shouldn’t work, but it does.
This article was featured in the InsideHook newsletter. Sign up now.