Galaxy S8

We have a love-hate relationship with biometric ID. After all, it looks so cool when the hero in a sci-fi movie enters the restricted-access area after having his hand and iris scanned. But that’s about the best you can say about biometric security. It’s conceptually flawed in a bunch of ways, and nearly every implementation we’ve seen gets broken sooner or later.

Case in point: prolific anti-biometry hacker [starbug] and a group of friends at the Berlin CCC are able to authenticate to the “Samsung Pay” payment system through the iris scanner. The video, embedded below, shows you how: take a picture of the target’s eye, print it out, and hold it up to the phone. That was hard!

Sarcasm aside, the iris sensor uses IR to recognize patterns in your eye, so [starbug] and Co. had to use a camera with night vision mode. A contact lens placed over the photo completes the illusion — we’re guessing it gets the reflections from room lighting right. No etching fingerprint patterns into copper, no conductive gel — just a printout and a contact lens.

Continue reading “Fooling Samsung Galaxy S8 Iris Recognition” →

Hackaday

1 Articles

Fooling Samsung Galaxy S8 Iris Recognition

Search

Never miss a hack

If you missed it

MXM: Powerful, Misused, Hackable

VCF East 2024 Was Bigger And Better Than Ever

Microsoft Killed My Favorite Keyboard, And I’m Mad About It

Remembering Peter Higgs And The Gravity Of His Contributions To Physics

Chandra X-ray Observatory Threatened By Budget Cuts

Our Columns

Hackaday Podcast Episode 267: Metal Casting, Plasma Cutting, And A Spicy 555

This Week In Security: Putty Keys, Libarchive, And Palo Alto

Human-Interfacing Devices: HID Over I2C

Fail Of The Week: Can An Ultrasonic Cleaner Remove Bubbles From Resin?

Linux Fu: Stupid Systemd Tricks

Search

Never miss a hack

Subscribe

If you missed it

Our Columns