Galaxy Note 7 Iris Scanner Explained

An anonymous reader writes from a report via Android Authority: The Galaxy Note 7 was just announced and one of the most intriguing features is its iris scanner. Android Authority has a report explaining how it works: "According to the company, the device stores your registered iris information as an encrypted code safely in its hardware using its KNOX security platform. Whenever you want to access content, such as a protected app, the device first captures your iris pattern for recognition, extracts and digitizes it, and then proceeds to match it with the encrypted code to provide access. You can be sure that no one else apart from you can access your device in case it is stolen or lost because the Note 7 registers the iris information of only one person. Samsung has made all this possible by including a dedicated iris camera for recognizing the composition of the user's eyeballs. The dedicated iris camera uses a special image filter to receive and recognize the reflected images of the irises through an infrared light on the other end of that panel. The light emitted from the Galaxy Note 7's display allows the scanner to receive data even in low light environments." The iris scanner can be used to access private information via Samsung's Secure Folder feature. Samsung also plans to partner with major financial institutions to incorporate its iris scanner into mobile banking applications.

password fallback?

[DrYak]

Don't worry, you'll probably be able to fall back to using your secure password.

You know, the thing that look like base64-encodednoise from /dev/random... that you've completely forgotten about because you've always used the iris function right up until the bd conjunctivitis that started this morning.

Or the long password which is basically just two words followed by a number and even a "!" For good measure (hey, they asked to use a special). You know it's a good one because the 3 websites where you use it showed you a green bar in their security meter.
(What you don't know, is that 2 of these website got their DB hacked, they only used salted SHA-1 (hey, but it's salted) and your password is among the 75% of the million hash leak that got bruteforced within the first 2 days, because it's such a common pattern)