In addition to its high-end specs and beautiful appearance, the highlight of the recently revealed Galaxy Note 7 is its iris scanner, a new biometric security feature, in which a look unlocks the device. But how does this feature actually work?
The secret of the eyes
Iris recognition is an automated method of biometric identification that reads the mathematical patterns in images of an individual’s irises, from one or both eyes.
To take such an image, the device scans the iris, which is the colored ring of the eye that controls the size of the pupil, expanding and contracting to control the amount of light entering the eye and reaching the retina.
Each individual has a unique pattern of the iris in each eye, which remains unchanged throughout life. This characteristic of the iris, combined with the fact that the pattern of an iris is almost impossible to replicate, makes iris biometrics one of the most secure and reliable authentication techniques available.
As a result, iris scanning has been widely used for secure access control, border control and security at airports. And since last year, the technology has begun, albeit timidly, to arrive on smartphones.
The Lumia 950 XL (released in October 2015), for example, brought a spectacular camera, even including a sensor that facilitated the scanning of an iris. However, it was not as fast as the one found on the Note 7, but it could recognize a user’s iris even through glasses.
Also in 2015, but just before the Lumia 950 XL, Fujitsu released the Arrows NX F-04G, which ran Android Lollipop and was the first smartphone to bear an iris scanner. However, the device never left the Japanese market.
The Galaxy Note 7's retina scanner
Once a user has logged her iris data on the Galaxy Note 7, an encrypted code is stored in a secure area of the smartphone. When someone tries to access the device - or a protected application - the infrared LED and the iris camera work together to capture the pattern of the individual's iris, scanning the pattern and comparing it with the encrypted code before granting access.
So as not to compromise on design, Samsung claims that it created two new components to allow for iris recognition. The first is a dedicated camera for iris recognition, which uses a special image filter to receive and recognize the reflected images of the iris using an infrared LED light.
This infrared light allows a better range for iris scanning. Moreover, unlike traditional visible-light images (RGB) – which may be affected by the color of the iris or ambient light – infrared images show clear patterns and have low reflectivity of light.
The second component is a proprietary technology of Samsung, which makes use of light emitted by the Galaxy Note 7’s display, allowing the scanner to image the iris even in low-light environments.
Samsung claims that the combined efforts of these components ensures that iris scanning is more accurate and faster than on any previous device.
It’s important to note that Samsung states that the infrared LED used on the Galaxy Note 7 poses no health risk, being compliant with International Electrotechnical Commission (IEC) 62471 (photobiological safety), considered the highest level of certification in the industry. Furthermore, the device automatically turns off if it detects the eye to be too close, or exposed for too long, to the LED.
Knox comes into play
For those who do not know, Knox is a security system found on Samsung devices. It works via a partition on the internal memory, which is used for running and storing important data.
What does iris scanning on the Galaxy Note 7 have to do with Knox? Well, Samsung claims that iris information is encrypted and stored safely – at a hardware level – on this platform, just as fingerprint data was stored in the past.
In addition, the South Korean manufacturer claims that only one person can record her iris information. This means that even if the device is lost or stolen, and someone has access to the smartphone, the user's iris information will not be compromised.
And what can the Note 7’s iris scanner unlock besides the devices itself?
In addition to the Galaxy Note 7 itself, the phablet’s iris scanner also allows users to ensure the security of sensitive data on the device by placing in specific locations.
The main one is the Secure Box, a separate folder that allows users to protect and manage applications and important files through iris recognition. (Fingerprint and standard type passwords or PIN can also be used).
According to Samsung, users can take advantage of this service to keep private and personal data – such as bank account information – completely separated from more general data stored on their phablet. Parents can also block access to games or specific content from their children (or spouse).
Scanning the iris also works on Samsung Pass, a tool that allows users to access websites from Samsung's proprietary browser, using the eyes as a "login and password".
Would you bet the security of your data on Samsung’s iris scanner? Let us know in the comments.