iPhone 5s Touch ID bypassed with a fake fingerprint
Just days after the launch of Apple's iPhone 5s, German security and privacy group Chaos Computer Club, claims to have found a way to bypass the Touch ID fingerprint reader. The group says that this demonstrates that "fingerprint biometrics is unsuitable as an access control method" but the "hack" is longwinded enough to mean that it is unlikely to be of concern to most people.
The Chaos Computer Club (CCC) goes as far as explaining precisely how it managed to bypass Touch ID using a fake fingerprint fabricated from a photo of a print.
The group has previously shown how easy it is to fake fingerprints using original prints left on glass surfaces. Bypassing the security of the iPhone 5s uses very much the same method, but relies on a higher resolution fake to help fool the high resolution sensor found on the phone.
So how does it work? CCC says that the hack can be accomplished with "materials that can be found in almost every household". After dusting a suitable fingerprint left on a glossy surface, the print is photographed, touched up and laser printed out onto a transparent slide. The toner from the laser printer gives a slightly raised representation of the fingerprint which can then be used to create a fake fingerprint. The secret ingredient? Wood glue.
The glue is smeared over the printout and lifted off when it dries. To help trick the iPhone's sensor, the latex fingerprint is then breathed upon to give it the slightly moist feel of a real finger and it can then be used to unlock the phone.
Have doubts about whether it could work or not? Check out the demonstration video on YouTube :
Does this concern you or is this a hack we don’t need to worry about?