Samsung responds to iris scanner hack
25 May 2017 17:38 GMT

South Korean tech giant Samsung has said told industry media that a successful spoofing of its iris scanner last week would be very hard to replicate without special materials and technology.

Samsung told NFC World that the claims of the Chaos Computer Club (CCC) who managed to defeat the iris recognition system on the Samsung Galaxy S8 and S8+ smartphones, could “only have been made under a rare combination of circumstances”.

The hackers were able to authenticate and unlock a device by showing the iris scanner using a modified printer and contact lens. . “With a simple to make dummy-eye, the phone can be fooled into believing that it sees the eye of the legitimate owner,” the CCC said.

“We were aware of the report, but would like to assure our customers that the iris scanning technology in the Galaxy S8 has been developed through rigorous testing to provide a high level of accuracy and prevent against attempts to compromise its security, such as images of a person’s iris,” Samsung says in a statement sent to NFC World.

“The reporter’s claims could only have been made under a rare combination of circumstances. It would require the unlikely situation of having possession of the high-resolution image of the smartphone owner’s iris with IR camera, a contact lens and possession of the smartphone at the same time.

“We have conducted internal demonstrations under the same circumstances — however, it was extremely difficult to replicate such a result. Nevertheless, if there is a potential vulnerability or the advent of a new method that challenges our efforts to ensure security at any time, we will respond as quickly as possible to resolve the issue.”