The smartphone has basically become a human appendage. Not only is it always in people’s hands or pockets, it stores all of our banking information, photos, and private messages. To protect them, companies like Samsung offer biometric security features like iris scanning to unlock phones. While it might seem secure, a hacker just proved how easy it is to bypass Samsung’s iris scanner…

In the video embedded below, hacker Jan Krissler shows that the Samsung Galaxy S8’s iris scanner can be ‘hacked’ by using an infrared photograph of the eye of the phone’s owner and a contact lens.

In the video, the night mode on a standard point and shoot camera is used to take a picture of Krissler’s face from a medium distance away. Then, using a standard laser printer, a cropped-in image of one of his eyes is printed out. By showing this picture of the eye with a moist contact lens placed on top of it to a Galaxy S8, the iris scanner is tricked and unlocks the handset.

This whole process is a bit extensive, of course, but it just goes to show that something seemingly as secure as the Galaxy S8’s iris scanner can be ‘hacked.’ If you want your device to be as secure as possible, it would be best to lock it with either a password or PIN as they are harder to guess and cannot be bypassed easily.

[protected-iframe id=”a1b656b764d2ef1549caa31caefe51ea-22427743-23712197″ info=”https://media.ccc.de/v/biometrie-s8-iris-en/oembed” width=”1024″ height=”576″ frameborder=”0″ allowfullscreen=””]

FTC: We use income earning auto affiliate links. More.

Check out 9to5Google on YouTube for more news:

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Justin Duino

I’m a writer for 9to5Google with a background in IT and Android development. Follow me on Twitter to read my ramblings about tech and email me at justin@jaduino.com. Tips are always welcome.