Hackers have found a new way to hack Samsung’s iris security system

0

WHY THIS MATTERS IN BRIEF

  • Biometric security systems are awesome, until they’re hacked, and increasingly companies and individuals are finding that their latest and greatest biometric security systems are easier to hack than the password systems they replaced


 

Criminals know you love taking selfies, and they love your selfies too – especially the ones where you’re holding your fingers up in a victory sign. They also love the fact that your photos are good enough quality for them to print out a high definition print of your eyes and fingerprints. And they especially love the fact that these alone are good enough to help them unlock all of your biometric protected stuff and gadgets.

 

RELATED
US Navy stands up the worlds first fully autonomous drone squadron

 

I love your new galaxy smartphone by the way – great cat wallpaper.

In yet another stab in the back for biometric security hackers have published details of a method to break the iris based authentication in Samsung’s shiny new Galaxy S8 that involves the use of a number of basic, everyday items.

Published by German whitehat hacking group Chaos Computer Club (CCC), the hack involves the use of a digital camera, a laser printer, with Samsung models, ironically, working best, and a simple everyday contact lens.

To bypass the Iris scanning feature, they use a digital camera to take a picture of a phone owner’s face and print it out on the laser printer. The contact lens is then placed on top of the face to mimic an actual iris, held in front of the phone and bingo – the Galaxy S8 unlocks.

 

RELATED
World first as Lockheeds autonomous submarine launches an autonomous drone

 

Whoohoo! By the way – I deleted all your cat videos. Sorry it was a mistake – honest!

While the hack is fairly simple, there are some provisos in its implementation, including, obviously, making sure the quality of the photo is good enough to capture the details of the iris.

When it was first introduced Samsung’s iris scanning feature, which is powered by a biometric scanner manufactured by Princeton Identity, promised to be an easier way for users to unlock their phones, and when the Galaxy S8 launched, Samsung said it offered “one of the safest ways to keep your phone locked.”

“Iris recognition may be barely sufficient to protect a phone against complete strangers unlocking it. But whoever has a photo of the legitimate owner can easily unlock the phone,” said CCC spokesman Dirk, “if you value the data on your phone – and possibly want to even use it for payment – using the traditional PIN protection is a safer approach than using body features for authentication.”

 

RELATED
Watch your mouth, Google's DeepMind lip reads better than humans

 

While the Galaxy S8 does offer fingerprint scanning as an alternative to iris scanning, and no one yet has published a way to hack it, fingerprint scanners themselves have already been shown to be vulnerable to duping which is why companies are now busy creating ultrasound based fingerprint scanners that move away from today’s more basic electro-sensitive scanners.

That said though, with new hacks and technologies such as Adobe Voco and LyreBird, which can copy and reproduce your voice print with just a minutes worth of audio, for example, off of YouTube, and new fingerprint and ‘Photo morph’ hacks that fool facial recognition systems I think some of today’s biometric security companies need to go back to the corner of the room and get back to the drawing board.

 

About author

Matthew Griffin

Matthew Griffin, described as “The Adviser behind the Advisers” and a “Young Kurzweil,” is the founder and CEO of the World Futures Forum and the 311 Institute, a global Futures and Deep Futures consultancy working between the dates of 2020 to 2070, and is an award winning futurist, and author of “Codex of the Future” series. Regularly featured in the global media, including AP, BBC, CNBC, Discovery, RT, and Viacom, Matthew’s ability to identify, track, and explain the impacts of hundreds of revolutionary emerging technologies on global culture, industry and society, is unparalleled. Recognised for the past six years as one of the world’s foremost futurists, innovation and strategy experts Matthew is an international speaker who helps governments, investors, multi-nationals and regulators around the world envision, build and lead an inclusive, sustainable future. A rare talent Matthew’s recent work includes mentoring Lunar XPrize teams, re-envisioning global education and training with the G20, and helping the world’s largest organisations envision and ideate the future of their products and services, industries, and countries. Matthew's clients include three Prime Ministers and several governments, including the G7, Accenture, Bain & Co, BCG, Credit Suisse, Dell EMC, Dentons, Deloitte, E&Y, GEMS, Huawei, JPMorgan Chase, KPMG, Lego, McKinsey, PWC, Qualcomm, SAP, Samsung, Sopra Steria, T-Mobile, and many more.

Comments

Your email address will not be published. Required fields are marked *