View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

New Samsung Galaxy Tab S4 to Ditch Fingerprints for Iris Scanner

The latest Samsung flagship tablet will swap fingerprint with iris scanning

By CBR Staff Writer

Samsung’s next flagship tablet, the Galaxy Tab S4 is scheduled for release later this year. Renders of the tablet have begun to leak, as have firmware details – and the latter reveals that it will ship with both an Iris scanner and facial recognition; a sign of the extent to which biometric security is going to become the consumer norm.

The technology, dubbed “Intelligent Scan” by Samsung, first shipped on its Galaxy S9 and S9+. It combines both biometric scans when unlocking the tablet; if one fails, it uses the other as backup. The company describes it as “a deep learning-based verification solution”, as it analyses surrounding lighting conditions to decide which of the two biometric methods might be best for unlocking your phone.

The firmware and renders suggest the Galaxy Tab S4 doesn’t ship with a fingerprint scanner.

Critics Warn Over Biometric Security

Critics note that the S9’s facial recognition can be fooled with a photograph, with hacking group Computer Chaos Club (CCC) member Jan Krissler, a security researcher known as “Starbug”, demonstrating the crack last year.

In a May 2017 blog, CCC spokesman Dick Engling added: “The security risk to the user from iris recognition is even bigger than with fingerprints as we expose our irises a lot. Under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris“, Dirk Engling remarked.

He added: “The easiest way for a thief to capture iris pictures is with a digital camera in night-shot mode or the infrared filter removed. In the infrared light spectrum – usually filtered in cameras – the fine, normally hard to distinguish details of the iris of dark eyes are well recognisable.”

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

 

Samsung notes that the option is a consumer choice one – and only used to unlock the phone, rather than access payment apps, etc. For convenience, users may welcome it. Others continue warn that once biometric data has been compromised, there is no way to undo the damage; passwords can be changed, irises can’t.

In a blog earlier this year, Joel Snyder, a well-known security expert, emphasised the importance of assessing vendors when implementing biometrics on Android smartphones: “When enabling biometrics such as iris scanning, look for a clear statement from the hardware vendor on how the data are stored and verified. Data should be stored in an encrypted or hashed format eliminating the possibility of decryption, even by privileged applications.”

He added: “Android devices should make use of specialized hardware and TEE [Trusted Execution Environment] with live biometric data, to ensure that malware can’t tamper with the data or interfere with the process, creating safer options for enterprises interested in the technology.”

See also: Home Office: We May Give Police Automatic Facial Recognition on their Phones

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU