New phone’s feature has been bypassed less than a month after it was shipped to public, adding fuel to debate about biometric security 
The iris-recognition feature in Samsung’s new Galaxy S8 smartphone has been defeated by German hackers, less than a month after it hit shelves around the world.
A video posted by the Chaos Computer Club, a long-running hacker collective formed in Berlin in 1981, shows the security feature being fooled by a dummy eye into thinking that it is being unlocked by a legitimate owner.
The artificial eye – which is made using just a printer and a contact lens to match the curvature of the eye – is best created using pictures of the iris taken with a digital camera in night mode.
“The security risk to the user from iris recognition is even bigger than with fingerprints, as we expose our irises a lot,” said the group’s spokesperson, Dirk Engling. “If you value the data on your phone – and possibly want to even use it for payment – using the traditional pin-protection is a safer approach than using body features for authentication.”
Engling warns that “under some circumstances, a high-resolution picture from the internet is sufficient to capture an iris”, but a Samsung spokesperson said it would be “impossible” to use a normal picture of an iris, however high resolution it is, to fool the security feature.