Skip to Content

Galaxy S8 iris scanner can be bypassed with ridiculously simple trick

Can you believe it’s been over a month since the Samsung Galaxy S8 was released? The two versions were the runaway success stories that Samsung desperately needed this year.

There are plenty of reasons to be excited about the new S8s; beautiful edge-to-edge screens with virtual home buttons, new 10nm processors, DeX desktop support, Bluetooth 5.0 with dual audio streaming, a headphone jack and free high-quality AKG earphones out of the box.

They also feature a trio of biometric security features including fingerprint scanning, facial recognition and an iris scanner. Facial recognition looks to be much faster than fingerprint or iris unlocking but it turns out it can easily be fooled and bypassed with a mere photo of the phone’s owner.

For security reasons, it was recommended that S8 users use the iris scanner for phone security instead. Samsung said that the iris scanner is secure as ever, more secure than fingerprint scanning. That’s because patterns in your irises are unique to you and are virtually impossible to replicate, meaning iris authentication is one of the safest ways to keep your phone locked.

But is this true? Is the Galaxy S8’s iris scanner as foolproof as advertised? Well, as it turns out,  not exactly.

S8 Iris Scanner Hack

Security researchers from a German hacking group called the Chaos Computer Club (CCC) claim that they have found a clever way to trick the Galaxy S8’s iris scanner with the simplest of equipment.

All it required was a printout of the owner’s eye photo taken with a digital camera’s night mode and a contact lens placed on top of it to simulate the physical shape and depth of an eyeball.

The researchers warned that this trick could even work with close-up photos used as profile pictures on social media sites.

“The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot,” CCC spokesman Dirk Engling wrote in their blog. “Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris.”

Depending on the picture, tweaks on its brightness and contrast may be required to reveal the details of the subject’s iris. Once the fine details of the iris are distinguishable, the image is printed on a laser printer. Ironically, the researchers said that Samsung’s laser printers yielded the best results.

Watch the video below to see the iris hack in action.

Click here to watch the video on YouTube.

As with the S8 facial recognition hack, this proves that these emerging biometric security systems still need a lot of work to be sufficiently reliable and secure. For now, Engling suggests the use of PIN codes or passwords instead.

What do you think? Are these biometric system hacks a cause for concern? Drop us a comment!

More from

Beware! Hackers targeting movie watchers with hidden malware

Wi-Fi can now be used to photograph inside your home

Apple’s latest service is FREE! Here’s how to sign up

cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out