Bypassing the Galaxy S8/S8+'s iris scanner is not easy at all, according to Samsung. The tech giant issued a quick response to the recently-surfaced video of German research group Chaos Computer Club, which exposed a seemingly large security vulnerability in the company's latest flagships.
In said clip, a photo of the subject is taken using a camera's night mode or with the infrared filter removed, as this makes details of the iris (which are hard to distinguish otherwise) easily recognizable. Then, the photo is printed out, and a contact lens is placed above the printed iris to simulate a 3D object, which in turn bypasses the iris scanner on the S8.
The Korea Herald, a Samsung spokesperson expressed their reservations about the hacking method, arguing that it's "difficult" for the whole scenario to unfold in real life:Speaking to
It's understandable that Samsung is taking such a stance. The sheer effort and dedication required for the hack to be pulled off puts the vast majority of Galaxy S8 owners in the safe zone, Thus, iris scanning will most likely continue to be pitched as a reliable authentication method, even for the company's mobile payment service - Samsung Pay.
However, the hard-line stance taken by the tech giant in front of Korean media on Thursday might fool some into thinking that the vulnerability won't be addressed. This is not the case, as the initial statement from Samsung (issued on the same day on which the video surfaced) assured that the firm will try to resolve the security hole as soon as possible: