Security professionals understand that the latest “cool” gadget may not be very secure. Most devices connected to the Internet of Things spring to mind. However, one cool new device feature—iris recognition—is specifically designed for security … and in some cases, this safeguard is pretty easy to fool.
In the wake of a Note 7 that was quite prone to catching fire, it’s been a difficult time for Samsung. The new S8 has been deemed the company’s comeback phone, and it has earned its fair share of fans after being unveiled a few months ago. However, there’s just one problem: it’s iris recognition security feature can be easily bypassed by just a photograph.
As Alexander J. Martin writes, a hacker collective “… tricked the S8’s iris recognition system by using the night mode setting on a standard digital camera, as the sensor works with infrared light. The hackers took a picture of their ‘victim’ from a few metres away.
“The infrared image was then printed using a laser printer and a contact lens placed on the printed photograph of the infrared image.
“When held up to the phone, it was recognised as the eye of the person for whom the handset was registered to and unlocked itself.”
The hacking collective, a German group called that Chaos Computer Club, expresses strong skepticism towards biometric technologies.
The lesson to be learned here is never ignore security in favor of novelty. By all means, invest in the latest technology, but stay up to date on any flaws that are found as the product’s strength is inevitably tested by cybercriminals.