Thursday 1 June 2017, Poradnik bezpieczeństwa
Samsung Galaxy S8 iris scanner fooled by hackers from CCC group
Lost24
We have already written about biometric security systems, commonly implemented, as an additional security measure in debit or credit cards. Similar biometrics-based authentication systems can be found in modern smartphones.
One of the most popular models – Samsung Galaxy S8 smartphone – was equipped not with one but three biometric security systems, including face recognition, a fingerprint scanner, and – advertised as “one of the safest ways to keep your phone locked” – an iris scanner. Unfortunately, this claim is now longer true.
German hackers from the Chaos Computer Club (CCC) have proven that Samsung’s iris scanner can be fooled by showing it a picture of the owner’s eye.
However, in order to successfully hack/unlock the device, the picture must be taken using high-resolution digital camera with night-shot mode or the infrared filter disabled. The picture must also be printed out using a laser printer (preferably and ironically a Samsung printer) and then modified by placing a contact lens on top of the photo to mimic the curvature of a real eye.
In its defense, the Samsung company said that the hack requires “a rare combination of circumstances” to be successful. “It would require the unlikely situation of having possession of the high-resolution image of the smartphone owner’s iris with IR camera, a contact lens and possession of their smartphone at the same time. We have conducted internal demonstrations under the same circumstances, however, [and] it was extremely difficult to replicate such a result.”
There are no comments