It’s ridiculously easy to bypass the Galaxy S8’s iris security, using a printed photo and contact lens

There’s still no such thing as a perfect smartphone, at least not yet, and no matter how many different biometric authentication methods an OEM like Samsung implements on a device like the Galaxy S8 and S8+ these days, a determined enough intruder will find a way to circumvent any and all security measures.

Numeric codes, passwords and lock patterns can be easily cracked, but it turns out it’s not that hard to fake a fingerprint, face or even human eye to get a mobile product’s respective sensors and scanners to give you the go-ahead into one’s most personal, cherished device.

It takes a little over a minute of distressing YouTube footage to prove the iris recognition system on the Galaxy S8 is pretty much as insecure as its facial authorization mechanism, which we knew still had a long way to go.

In real life, of course, you’ll need to dedicate more time and put more effort into fooling the “advanced” biometric feature. First, a photo of the phone’s owner captured with a digital camera’s night mode switched on is required. Said snapshot must then be printed using a standard laser printer (not necessarily from Samsung, we presume), and the resulting sheet of paper will effortlessly do the trick if you merely place a contact lens on the artificial “iris.”

That’s certainly depressing to see, though if it makes you feel any better, odds are your local smartphone thief isn’t routinely getting tips from The Chaos Computer Club, Europe’s largest association of hackers, whose members were also the first to break Apple’s feeble Touch ID security back in the day.

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Adrian Diaconescu
Adrian has had an insatiable passion for writing since he was in school and found himself writing philosophical essays about the meaning of life and the differences between light and dark beer. Later, he realized this was pretty much his only marketable skill, so he first created a personal blog (in Romanian) and then discovered his true calling, which is writing about all things tech (in English).