It’s quite unbelievable that only a few decades ago the idea of being able to enter restricted areas or unlock devices by simply scanning the iris of your eye seemed like an idea straight out of a sci-fi novel or a James Bond movie.
Cut to the 2010s and now virtually every top-tier smartphone model includes some form of biometric authentication methods. In fact, the latest craze, iris scanning, is on its way to make fingerprint detection obsolete and perhaps replacing it as the number one authentication method for smart devices.
But is it really the best way to secure our most precious data on our phones? Or a better question, perhaps: can it also become the successor to computer and online account passwords?
How Iris Scanning Works
Iris scanning – also known as iris recognition – is one of the three biometric identification methods during which a special sensor scans the iris or irises of an individual’s eyes. Like facial recognition, which scans your face using an infrared photo to match it with the patterns of the 3D facial map created from the individual’s face, an iris scanner looks for particular patterns in the iris of the person accessing the device.
Although the facial pattern of an individual more or less stays the same, an iris pattern is not only consistent throughout a person’s life but it is also unlike any other human being’s. In simpler terms, your iris patterns are so unique that there is no other person with matching eyes – not even your closest relatives. This is why iris scanning is considered to be one of the most foolproof methods of identification. Unless someone goes as far as the villain in Dan Brown’s Angels and Demons by carving out someone’s eyes, there is no way of unlocking something restricted by an iris scanner.
The Use of an Iris Scanner
Currently there are two types of iris scanners on the market, standalone scanners and those built into cameras. Standalone models look just like their movie counterparts and are usually purchased by high profile businesses and government agencies – in other words, entities that can afford such devices and need to protect themselves with the highest-tier of security. This high retail price is the main reason why iris scanners are still unaffordable for consumers but, as is the case with standalone fingerprint scanners, it is very likely these scanners will soon appear in homes, hotel rooms and other places.
Built-in iris scanners, on the other hand, are already part of everyday life thanks to their inclusion in smartphone and tablet models like the Samsung Galaxy S8 and the iPhone X. Additionally certain PCs are also capable of authenticating users via iris recognition if the computer is equipped with an Intel RealSense camera and Windows Hello (Windows 10’s biometric authentication program) is properly set up.
Keep in mind, however, that the inclusion of an iris scanner in certain devices is a double-edged sword. Granted, unlocking a device with your iris, face or fingerprint is more convenient, faster and safer than remembering a complex password or a long passcode, we can’t help but feel that iris scanners are the latest victims of the smartphone craze – just like fingerprint scanners were a few years ago. This means that big companies are under constant pressure to come up with their own iris scanner as soon and as competitively as possible – and as we know rushed production can have some nasty results.
Imperfect but Promising
When the Samsung Galaxy S8’s facial scanner was fooled by a journalist who simply used a high-quality photo of his face to successfully unlock the device, you’d think that the South-Korean company couldn’t make the same mistake twice. Sadly, they were wrong: German hacker collective Chaos Computer Club proved that even the iris scanner can be deceived by creating a photo of the iris in night mode, printing it out and then placing a contact lens on the photo to simulate the curvature of an actual eye.
The Hacking of Samsung Galaxy S8's Iris Scanner
This shows that iris scanning for everyday use is still in its infancy, so similar blunders will definitely occur in the future. Therefore, the end of the password and passcode is still quite some way away, but since we’re seeing already promising results of built-in iris scanners in terms of speed and accuracy, perhaps we’ll be seeing password managers become iris managers soon enough…
Best Password Managers of 2019
|Editor's Choice 2019|