back to article Samsung mobes to get an eyeful of your EYE in biometric security bid

Samsung is looking to kick its competition with Apple up a notch by swapping fingerprint scanners in its smartphones for more advanced biometric devices like iris scanners, a company exec has said. According to a report in the Wall Street Journal, Samsung senior VP Rhee In-jong, who heads the company's Knox security platform, …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Fixed it for you

"The [fingerprint] scanners improve smartphone security by giving users a second, physical authentication method on top of their existing login passwords, PINs, or gestures."

Should be:

"The scanners improve smartphone security by giving users a way to unlock their phones that's convenient enough that they will use that instead of having no PIN/password/etc. at all."

It's annoying that 9 months after the iPhone 5S was released, there are still people who think that fingerprint scanners exist to provide a Tom Cruise, Mission: Impossible level of security and attack it on that basis, whereas the scanners are clearly a convenience feature.

6
0
Silver badge

I don't get it (common theme today) - what's wrong with these biometric security options?

Locks on phones and smart-devices are there to protect your data from idle snooping or for when you loose the device. They aren't there to protect your data from a targeted attack.

For normal cases, the biometrics are an improvement because it's far easier to get access to a password-protected phone. All you need to do is watch while someone enters their code and swipe it from their bag/pocket/cafe table. It's a bit harder for the average opportunistic thief to get the required details to defeat the biometric lock.

As always, understand the uses and limitations of the tools at your disposal and you'll be fine. If you want your data secure, encrypt the device and sort out remote-wipe capabilities.

2
0
MrT
Bronze badge

"Good morning, Mr Yakamoto...

...you have four missed calls, and your store account at GAP is due payment today."

0
0
Silver badge

There's probably a lot of companies "looking at" iris scanning

But it has its own problems similar to that of fingerprint recognition. It is relatively easy to spoof using images, and it is even easier to obtain an image of someone's iris than it is to get their fingerprint. It is possible to take an image good enough for recognition from 15-20 feet away!

What's more, the privacy concerns people have about giving out their fingerprints are just as bad for iris recognition, as like fingerprints you can't change your iris if it is compromised.

Perhaps a combination of fingerprint scanning, iris recognition and facial recognition would be good security. All can be easily compromised, but it would be difficult to spoof them all at the same moment.

1
0

Re: There's probably a lot of companies "looking at" iris scanning

NFC chip implanted in palm. Done and done.

1
0

Re: There's probably a lot of companies "looking at" iris scanning

One of the other problems is that it's very much light dependent.

In even slightly dark rooms it would probably have to shine a light at your face to light up the iris. Dark Irises are harder to scan than light irises.

Also current systems although they keep improving require a very much fixed distance to get a good recognition image - which can be a bit of a faff.

Maybe they'll overcome these issues though. Up until a few years ago iris was massively patent encumbered, but this I believe has now expired.

0
0
Bronze badge
Childcatcher

Re: There's probably a lot of companies "looking at" iris scanning

Perhaps a combination...would be difficult to spoof...all at the same moment.

I think you have the right idea: multi-factor authentication that is no more cumbersome than any single method. Add in well-implemented encryption on the device and black hats looking to get into your phone will most likely move on to other attack methods.

0
0
Jin

Lower security than passcode-only models

I wonder how many people are aware of the fact that the mobile devices with biometric sensors offers lower security than the passcode-only models.

What the users is expected to do when he is falsely rejected when he is in the outdoor environment? Use the passcode. This means that the criminals can impersonate the legitimate user by breaking either the biometric sensor or the passcode, meaning that the criminals are given more chances to break, say, lower security.

It is really ridiculous to be offered a lower-security solution where higher security is required.

0
0
Bronze badge

Re: Lower security than passcode-only models

Except... passwords are really easy to pinch if someone is looking over your shoulder. Nobody has ever had the opportunity of glimpsing my 5S password in public because I invariably use my fingerprint.

1
0
Silver badge

Re: Lower security than passcode-only models

I think the idea is devices with biometric sensors are a lot more secure than devices with no security enabled at all. It just might entice a few of those people who think entering a pin to unlock their phone is too big a hassle into actually securing their device.

0
0
Anonymous Coward

Who thinks this is a good idea?

The NSA requested it...?

0
1

Iris tech ignorance...

DougS - it would be very difficult to obtain usable/match-able iris images from 15-20' away (...or show me the way!) Can it be done? ...maybe by a hand full of industry insiders but not by the public at large.

Mr ChriZ - the light used to illuminate the iris for a read is not normally visible to the human eye so you can do this in darkened areas using non visible light spectrum sensors.

0
0
This topic is closed for new posts.

Forums