Hackers Break Iris Scanner Security
A sample iris image acquired with LG 4000 iris sensor in March 2008 (left) and again in March 2011 (right).
CREDIT: Kevin Bowyer
Iris scanners represent one of the most secure biometric technologies that can recognize 5,000 individual pieces of information in each person's eye. But academic hackers have shown how to break iris scanner security without resorting to "Minority Report" eyeball-swapping surgery.
U.S. and Spanish researchers figured out how to make a synthetic iris image that could fool iris scanners, according to the BBC. The weakness in the security came from how iris scanners store iris images as digital codes — information that the researchers could replicate in their synthetic images.
Tests with the synthetic images fooled a commercial iris scanner about 80 percent of the time, researchers said at the Black Hat security conference in Las Vegas.
The results could mean a serious rethink for large-scale efforts to use iris scanners in government or corporate security. India has already begun rolling out a digital ID system that includes iris scanners for its 1.2 billion citizens.
Past research had already pointed to other problems with iris scanners. One study found that iris scanners may face problems identifying people as their irises age over time.