An iris recognition solution deployed on Samsung’s new flagship smartphone has already been successfully spoofed by German hackers the Chaos Collective.The hackers have posted a video showing the device being tricked by a dummy eye that the team has developed.The Chaos Collective say they achieved the hack by simply adapting a printer and a contact lens to match the curvature of the eye.The spoofing can even be achieved by using pictures of the owner’s eye taken from social media, the group said.”The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot,” said the group’s spokesperson, Dirk Engling. “If you value the data on your phone – and possibly want to even use it for payment – using the traditional pin-protection is a safer approach than using body features for authentication.”The club was the first to use a photograph of an iPhone user’s fingerprint to create a fake finger that the Apple device would accept for unlocking. It has also used images of famous German politicians to fool iris and face recognition systems.
Samsung Galaxy S8 iris scanner fooled by Chaos Collective
