The “future standard for phone authentication” is not ready for mainstream use.
Dan Goodin - 5/23/2017
Hackers have broken the iris-based authentication in Samsung's Galaxy S8 smartphone in an easy-to-execute attack that's at odds with the manufacturer's claim that the mechanism is "one of the safest ways to keep your phone locked."
The cost of the hack is less than the $725 price for an unlocked Galaxy S8 phone, hackers with the Chaos Computer Club in Germany said Tuesday. All that was required was a digital camera, a laser printer (ironically, models made by Samsung provided the best results), and a contact lens. The hack required taking a picture of the subject's face, printing it on paper, superimposing the contact lens, and holding the image in front of the locked Galaxy S8. The photo need not be a close up, although using night-shot mode or removing the infrared filter helps. The hackers provided a video demonstration of the bypass.
Full Article
