Whenever a new security system is introduced, hackers around the world try to break it as soon as possible. The same is the case with the iPhone 5S’s new fingerprint sensor. Hackers of the Chaos Computer Club (CCC) have successfully bypassed the biometric security of Apple Inc. (NASDAQ:AAPL)’s TouchID. As we all know, nothing’s perfect and fool-proof in this world, and the group has proved that a fake finger can easily unlock the iPhone 5S’s TouchID system.
“This demonstrates—again—that fingerprint biometrics is unsuitable as an access control method and should be avoided” said the group in a blog post.
CCC says that the public should no longer be fooled by the biometrics industry with false security claims. Such a line of defense is not hard to bypass, especially as we leave our fingerprints everywhere. If someone wants to gain access to your phone, then they could easily get the fingerprint and then make a fake finger out of the lifted prints.
The group explained in detail how they were able to trick the fingerprint sensor of the iPhone 5S. A normal piece of paper with a fingerprint didn’t work because the sensors on the phone are of a higher resolution that we normally use. Firstly, the fingerprint of the user is photographed with 2400 dpi resolution. The picture is then cleaned up and laser printed with 1200 dpi onto a transparent sheet with a thick toner setting. Finally, latex or woodglue is smeared into the pattern created by the toner. The thin latex sheet is then lifted from the sheet, breathed on to make it a tiny bit moist and then carefully placed onto the sensor of the phone. All of this works by using materials easily found in almost any household. Scary, right?
The below video shows the tactic working successfully.
