Hackers 'crack' Apple's fingerprint scanner

LORENZO FRANCESCHI-BICCHIERAI
Last updated 13:16 23/09/2013
iPhone 5S Touch ID fingerprint recognition
Reuters
TOUCH THIS: The new iPhone 5S comes with with fingerprint-recognition technology.

Relevant offers

Gadgets

Galaxy S5 durable, but iPhone has edge Google buys drone maker Titan Aerospace Sony issues warning over Vaio batteries Report: Amazon to unveil smartphone Google to sell Glass to public next week High-tech farm machines harvest Big Data Scientists try to 3-D print a human heart Facebook can fuel Oculus growth, CEO says S5 features useful, less about gimmicks Device helps paralysed man move legs

This post was originally published on Mashable.

Just days after Apple made the iPhone 5S available to the public, a group of hackers claimed that they had already cracked the phone's Touch ID fingerprint scanner.

The Chaos Computer Club (CCC), a Berlin-based group of hackers, announced the successful hack of the fingerprint reader on the group's website on Sunday. 

In their announcement, the group said that a hacker by the name of Starbug successfully broke Apple's new security authentication system, using laser printing to fake fingerprints, which he developed in 2004. He allegedly only had to make some adjustments.

"In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake," Starbug said in the announcement. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."

The hackers detailed the process step by step.

"First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market," they said.

Ad Feedback

The group also posted a YouTube video that shows someone unlocking the phone using a fake laser-printed fingerprint.

As the first alleged hackers of the Touch ID scanner, the CCC may be able to claim a crowd-sourced bounty of almost US$20,000, a few bottles of booze and a pornographic book - a reward offered by a group of hackers and security researchers to the first person to successfully break Touch ID.

The de facto leaders of the challenge to hack the fingerprint reader, security researchers Nick Depetrillo and Robert David Graham, announced they were reviewing the CCC's claim and waiting for a video showing the entire process - from lifting the fingerprint to unlocking the phone with the fake fingerprint, per the contest's rules.

After the publication of the CCC's announcement and video, the website IsTouchIDHackedYet.com changed its header from "no" to "maybe".

Apple has not revealed when the iPhone 5C or 5S will be available in New Zealand.

Mashable is the largest independent news source covering digital culture, social media and technology.

Comments

Special offers

Featured Promotions

Sponsored Content