Samsung announced this week that in order to bolster security, it plans to incorporate biometric sensors such as eye scanners into more of its products – even its low-end devices – in the near future.

The move would bring an added layer of security to its devices and could wind up tying into in the company’s rugged, security-conscious Knox system later down the line.

Samsung’s Senior Vice President of B2B R&D Rhee In-jong, announced the company’s authentication plans to a crowd of investors and analysts at a forum in Hong Kong on Monday.

In-jong claims the company is looking into several types of biometric mechanisms, including iris recognition. Iris recognition, a form of biometric authentication that would let users unlock their phones with their eyes has long been thought of as too difficult to implement, let alone impractical for some mobile companies.

Rumors were aflutter last year that the Samsung was looking into weaving the technology into its S5 device but it ultimately shelved the idea in favor of its fingerprint scanner. The fingerprint scanner, another form of biometric authentication, similar to iPhone 5S’ TouchID, allows users to unlock their phone with a fingerprint scanner.

In-jong claims an iris scanner feature could become available “even in low-end smartphone models,” yet “will likely be available for adoption in high-end phones first.”

While hope springs eternal, biometric measures like the fingerprint scanner are never a complete lock. Over the last few months several researchers have been able crack the technology. Earlier this year a researcher from Germany was able to lift a user’s fingerprints and rig together a fake fingerprint mold. The mold could then be used to log into a users’ Galaxy S5. The attack, which is a variation on one used against iPhone 5S last year isn’t the easiest but sounds as if it could be substantially less difficult than somehow securing a copy of a users’ retina and using that to log into their phone.

If widely deployed, the iris recognition could eventually be paired with Samsung’s Knox infrastructure. The Pentagon-approved platform can currently be found in the wild on 87 million devices worldwide but is only used by 1.8 million, mostly banking and healthcare employees.  The privacy-based technology prevents fake apps from being installed by quarantining them in its own container, has a customized secure boot and a security enhanced kernel.

Despite its warm reception from the Department of Defense, Knox has gotten a bit of flak since it emerged last year, including one researcher who claimed he could intercept communications from one secure container to the files outside of it. Samsung later refuted the privilege escalation bug and pointed out the issue “is not specific to Samsung devices.”

Categories: Mobile Security, Privacy

Comment (1)

  1. Matt
    1

    “The attack, which is a variation on one used against iPhone 5S last year isn’t the easiest but sounds as if it could be substantially less difficult than somehow securing a copy of a users’ retina and using that to log into their phone.”

    Correct, except we’re talking about _iris_ scan here, not _retina_ scan.

Comments are closed.