Biometric scanners are becoming more popular these days, but they are still far from perfect. A group of German hackers from the Chaos Computer Club has created a video showing how they managed to fool the iris scanner on the Samsung Galaxy S8 with nothing more than a photograph and a contact lens.
The idea is that the iris scanner cannot really tell if it is looking at a picture or the real thing. Using this information, the hackers used a regular digital camera with the night mode turned on and the IR filter removed to take a picture. Night mode is important as it relies on infrared lighting, which will capture the necessary detail of the iris to fool the scanner.
According to the group, a digital camera with a 200mm lens is more than enough to grab the image from five metres away.
The rest involves isolating the person’s iris in the picture and printing it out. A Samsung printer was used in this case, but that just seems to be the hackers having a little fun with their project. Unless it’s a case for the quality of Samsung printers.
It’s a known fact that biometric scanners are easy to fool with photographs. And this isn’t the first time that the Chaos Computer Club has managed to break a supposedly secure system with a camera and printer. The same group fooled Apple’s Touch ID with the same method four years ago.
Iris scanners are the next killer feature for smartphones, with Apple rumoured to be including it the upcoming iPhone. Like fingerprint readers, it’s expected to provide an additional layer of security for users. However, due to the ubiquity of pictures; we could say that this one might be a little more risky than just using a PIN or password.
[Source: Chaos Computer Club]