A group of hackers said that the iris scanner of the Galaxy S8 can be bypassed and even made a video to back their claim. Samsung would not have any of that. The tech giant responded to the supposed hack and said that it was "unrealistic."
Samsung insisted that to hack a Galaxy S8, one needs to get their hands on a camera that can capture infrared light which is what the Chaos Computer Club (CCC) used in the video. This kind of camera is no longer being sold anywhere so it is rather difficult to get one for the purpose of hacking Galaxy S8 handsets. Additionally, a potential hacker needs to get near the Galaxy S8 owner enough to get a photo of his or her iris which is unlikely unless the would-be hacker is someone really, really close to the owner. CCC spokesperson Dirk Engling told BGR that "iris recognition may protect a phone against complete strangers unlocking it, but whoever has a photo of the legitimate owner can trivially unlock the phone."
However, Samsung only said that the chances of the "whole scenario to happen in reality" are quite slim. The company did not disprove the hack which means it can actually happen. CNET tried the hack and, fortunately for Samsung and Galaxy S8 owners, it did not work. Their experiment failed even after using a life-sized colored image of the owner's face.
The Germany-based CCC was able to pull off the hack by simply taking a photo of the Galaxy S8 owner from medium range using a camera with infrared light capture capability. They then cropped the photo to enlarge the face before printing the image on paper. The hackers the placed a contact lens on the eye on the print-out before using it to unlock the Galaxy S8.
Despite Samsung's feeble attempt to appease the public, the fact remains that the iris scanner of the Galaxy S8 is indeed hackable. Engling stressed that the safest way to protect one's personal information and data is to use the traditional PIN. Wearing dark sunglasses every second that you're out may help, too, but that would make you look silly at night.