This article was published on May 23, 2017

Samsung S8’s iris scanner fooled by photograph of an eye


Samsung S8’s iris scanner fooled by photograph of an eye

Just one month after the Samsung Galaxy S8’s release, German hackers have already figured out a way around the phone’s iris recognition software.

The Chaos Computer Club, a European hacker group, published its account of hacking the S8’s biometrics via a few simple tools such as a camera and a contact lens. It also showed video footage of the successful workaround.

Here are the ingredients in the Samsung Sensor Scramble, if you ever want to make it yourself:

  • One camera (ordinary point-and-shoot will do)
  • One laser printer, made by Samsung for the added spice of irony
  • One contact lens
  • One Samsung Galaxy S8
  • One “Subject,” or hapless Samsung Galaxy S8 owner

Have subject sit at medium distance from camera. Shoot head-on infrared photo of Subject’s face.
Print picture of Subject’s face on Samsung laser printer.
Register subject’s real irises with the S8’s biometrics.
Place contact lens on the picture of Subject’s eyeball.
Point picture at Galaxy S8 and hold for 10-15 seconds.

Let stand for 20-30 minutes while you realize the security of your phone isn’t as airtight as you thought.
Serves one.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with