Home / News / Mobile Phone News / iPhone 5S Touch ID bypassed by hackers

iPhone 5S Touch ID bypassed by hackers

by

iPhone 5S touch

Just a day after the launch of the iPhone 5S, hackers in Germany managed to bypass its much-lauded Touch ID fingerprint-scanning security technology.

Apple boasts concerning Touch ID that "Your fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike." However it seems that it's quite possible to fool the system with a relatively crude copy.

Hackers at the Chaos Computer Club (CCC) have revealed that Apple's Touch ID system can be bypassed using similar principles to previous fingerprint-scanner exploits.

According to a CCC blog post, the Touch ID scanner is much like previous implementations of the technology, only much higher resolution. "In reality," notes a hacker named Starbug, "Apple's sensor has just a higher resolution compared to the sensors so far."

As such, all you need to do to bypass it is increase the resolution of your fake.

This involves taking a 2400DPI picture of the iPhone 5S owner's fingerprint, then inverting and printing the image at 1200DPI on a transparent sheet. The hackers used a laser printer and a thick toner setting.

You then smear white wood glue onto the print, allow to set, and lift off for your very own fake fingerprint fit to unlock a state-of-the-art smartphone.

"It is plain stupid to use something that you canĀ“t change and that you leave everywhere every day as a security token", concluded Frank Rieger, spokesperson of the CCC.

Of course, the need to source a super-steady high-definition image of a person's finger suggests that your average iPhone 5S user has little to worry about. But any world leaders or secret service employees might want to stick to passcodes to secure their phones.

Next, read about the iPhone 5S problems and pitfalls.

schriss

September 23, 2013, 8:14 am

It would not work so quick if it was not just photo-copy of our fingerprints. Advanced scanners look at other things not just fingerprint, they look under the skin checking some patterns, but that takes time.
As it is now, the TouchID seems to be as secure as Face Unlock.

Pg

September 23, 2013, 1:09 pm

I'd say it's slightly more secure, as it's a little harder to get a decent copy of someone's fingerprint than taking a photo of someone.

schriss

September 23, 2013, 3:07 pm

I have read Google is changing Face Unlock to require facial expressions, so won't work with plain photo. That would make it harder to hack than TouchID.
But both solutions seem ridiculous in current state.
I think we need something else.

comments powered by Disqus