The Samsung Galaxy S8 is a fantastic Android phone by just about any measure, but if there is one area where the new flagship could use some serious work in the biometric department. We already knew that the phone’s facial unlock feature can be easily fooled with nothing more than a simple photo of the owner, but a new video of the Chaos Computer Club shows that the new iris-scan security layer — that Samsung calls “one of the safest ways to keep your phone locked and the content of their own” — is just as easily fooled.
The video of CCC makes the trick look ridiculously easy to pull off, with nothing more than a photo of the individual and a contact lens.
Since the iris scanner uses infrared light, a photo of the phone owner is made with a simple digital camera using “night mode.” Then, the photo has been cropped and resized so that the iris is about the size of a real-life human eye. After that, a contact lens is placed on the printed photo, and the Galaxy S8 instantly recognizes as being a “real” human eye and unlock the phone.
What is particularly interesting is that the photo is not even of particularly high quality, and the image is used in the demonstration was shot from several feet away. This suggests that the actual iris scan of the phone which is of a much shorter distance is not per se identify as much detail as it probably could.
More From BGR
Samsung’s new portable SSD is faster and smaller than anything for
The Samsung Galaxy S8 buy one, get one free deal is better than T-Mobile
Leaked tests show OnePlus 5 is much more powerful than the Galaxy S8 and Google Pixel
All biometric features to unlock, including fingerprints and the previously mentioned face recognition, have proven to be hacked in the past. If you like hope that is your iris held the only real key to keeping your smartphone safe, this test is proof that it is just as vulnerable (if not more) than the rest.