Staring match: Galaxy Note 7 locks eyes on tougher security
The marquee new feature, an iris scanner, is designed to give you an extra layer of protection. But how effective is it?
- SABEW Best in Business 2011 Award for Breaking News Coverage, Eddie Award in 2020 for 5G coverage, runner-up National Arts & Entertainment Journalism Award for culture analysis.
- 2022 Eddie Award for a single article in consumer technology
It's OK to be a little afraid.
Over the last few years, hackers have stolen customer data from household names like Target, Home Depot and T-Mobile. A hacker reportedly has 200 million Yahoo credentials for sale. You can't be blamed for feeling paranoid.
That goes double when it comes to your phone, which is increasingly the center of your life. Chances are, it's a repository for your bank account apps, private data like your passport and address, and other personal nuggets you desperately want to keep from prying eyes.
It's into that environment that Samsung introduced the Galaxy Note 7 on Tuesday. The company touted the phone's iris scanner as an extra layer of security beyond the simple password, or even the fingerprint. It's one of the first major phones to carry such a feature (last year's Lumia 950 and 950 XL also had an iris scanner), underscoring the mounting value consumers place on securing their mobile devices.
"We know that the more we live with smartphones, the more privacy and security is a growing concern," DJ Koh, head of Samsung's mobile business, said at the launch event.
Worthy of 007?
An iris scanner, even more so than the fingerprint reader, is the stuff of James Bond films.
So how does it work? Everyone's iris -- the colorful structure in the eye that controls the size of the pupil -- has a unique texture, much like a fingerprint, said Asem Othman, a biometric scientist at Hoyos Labs, which specializes in iris-reading technology. Unlike a fingerprint, the iris isn't affected by aging. For one thing, it's not exposed to the elements like the skin on your hands is.
"The iris is the only internal organ readily visible from the outside," Othman said in an email.
Regular cameras, however, can't make out all the textural and color differences between irises. The Galaxy Note 7 includes an additional front-facing sensor to enable the iris scanning. It fires an infrared light at your face and uses a special sensor to pick up detailed differences between irises.
Samsung said it spent five years working on the method of scanning the elements of the eye. The information is turned into a digital code that's stored in the "trusted zone," or a secure chip built in the phone, according to Justin Denison, senior vice president of product planning and marketing for Samsung's US arm.
He noted that while the iris scanner works in most conditions, it sometimes struggles in the sunlight, which can interfere with the infrared light.
So is it secure?
One major test of the scanner will be how easy it is to fool, said Toby Rush, chief executive officer of EyeVerify, a company that builds eye-scanning devices to help people log into their bank accounts. Eye-reading technology must be able to tell the difference between a real eye and a photograph, or as Rush calls it, a "spoof."
"It's something that we as an industry need to do better at," Rush said.
Theoretically, an iris scanner is supposed to be safer because it has more points of comparison than a fingerprint, said Moor Insights analyst Patrick Moorhead.
How will it be used?
Another test will be whether the new tool is easy to use, said Tuong Nguyen, an analyst at Gartner. Consumers aren't going to buy the phone just for the iris scanner, he said, and they likely won't even use it if it doesn't work on the first try.
"If I need to know anything about how to use it, I don't think it works," he said.
A test with the Galaxy Note 7 showed a quick response time between gazing at the phone and the device unlocking. But Samsung doesn't believe many folks will use it as their primary method to unlock the phone. The fingerprint reader, after all, still feels more natural.
Instead, Samsung pointed to the notion of a secure folder that contains your most personal information. The iris scanner acts as a second layer of protection for this folder. Business customers using Samsung's Knox security service could take advantage of the feature as well. Samsung is also partnering with institutions like Bank of America to let you use your eyes as a form of verification.
Samsung says it's a way to keep the contents of your phone away from other prying eyes -- even within your family.
"Parents will love this because it will help keep their kid's phone safe," Koh said. "And kids will love it because it will keep them safe from their parents."
Updated at 4:06 a.m. PT on August 5: To note that last year's Lumia 950 and 950 XL also had an iris scanner.