Female digital eye; Shutterstock ID 362816678; PO: biometric authentication


Iris scanning for biometric authentication isn’t just for “Mission Impossible” movies anymore. With the newly introduced Samsung Galaxy Note7 including both iris scanning and fingerprint scanning built into the device, this cutting-edge technology is becoming a reality.

Biometric authentication can serve as another layer of security for mobile users concerned with protecting sensitive business or personal data. When combined with the multi-layered security of Samsung Knox and mobile device management (MDM) solutions, iris scanning offers a high level of protection against breaches due to lost or stolen devices. Having advanced authentication technologies on mobile devices is especially important if you work in a regulated industry like the government, financial services or healthcare.

Fingerprint Offers Convenient Authentication

Fingerprint scanning has been available on mobile devices for several years, including Samsung’s flagship smartphones and tablets. Easy to set up and use, fingerprint scanners offer a convenient authentication alternative for accessing the device, using a mobile wallet or accessing specific apps and accounts. Using capacitive technology, most mobile fingerprint scanners won’t be fooled by a simple reproduction of a person’s print, but experts warn that they may be vulnerable to hackers using advanced forgery techniques. For corporate devices containing sensitive data, fingerprints should be combined with a pin code or password to provide two-factor authentication protection.

Unlock with a Look

Each person’s iris pattern is unique; even among identical twins. These patterns are formed within 18 months of age and remain unchanged throughout a person’s lifetime, making the iris a strong and reliable biometric authentication measure with a very low false acceptance rate.

The Galaxy Note7 is the first Samsung smartphone to introduce iris scanning technology. The device uses an infrared (IR) camera to scan the users’ iris and safely store as an encrypted digital pattern. Each time the user authenticates to the device, their iris is scanned and the pattern is compared with the data stored in the device’s trust zone. Scanning takes about 1 second to complete.

Hackers may work day and night to get past new security measures, but the iris is complex cellular tissue and extremely difficult, if not impossible, to replicate. In fact, each part of the human eye (iris, pupil and sclera) has a different IR reflection rate. This means a hacker could not use a printed image of an iris or even an artificial eye made of another material because neither has the reflection rate characteristics.

While only one person can register their iris pattern to a device, the iris scanner on the Galaxy Note7 can recognize you even with glasses, contact lenses and sunglasses. Colored contact lenses, however, may interfere with the scanner. When wearing glasses, the light reflection from the glass surface can interfere with the sensor, leading to an iris recognition failure in some cases. If this happens, take your glasses off or adjust the angle of your sight to scan your iris properly.

To allow iris scanning, the Galaxy Note7 features a dedicated camera which utilizes a special image filter to receive and recognize the reflected images with an IR LED light. This red light allows for the best range for iris scanning. The Samsung technology also makes use of the light emitted from the Galaxy Note7’s display so the scanner can receive data even in low light environments.

What Iris Scanning Means for the Enterprise?

So, how can enterprises take advantage of this advanced biometric authentication technology?

Regardless of the strong security offered by iris scanning, the best practice remains to use two-factor authentication for the most sensitive mobile data.

Businesses may choose to mandate the use of iris scanning for employees to unlock their devices, or they may deploy it for accessing specific applications or secure containers. For example, the Galaxy Note7 features a Secure Folder in which users can store sensitive data or applications, and iris scanning can be used here instead of, or as well as, a password. Iris scanning would also be a good choice for securing an enterprise-level containerization solution such as Knox Workspace.

Hands-Free Authentication

Having this next-generation authentication as a security option on the Samsung Galaxy Note7 offers another level of security for enterprise, government, healthcare providers, or even security-conscious individuals. Iris scanning will grow in popularity as enterprises try to counter emerging mobile security threats. And with mobile banking on the uptick, iris scanning reinforces Samsung Pay security.

With the rise in mobile security attacks, biometric authentication is becoming a must-have feature for both consumer and enterprise mobile devices, and two-factor authentication a necessity. Therefore, you can expect to see biometrics reinforcing traditional password and PIN codes on your next mobile device.