Apple's Touch ID fingerprint scanner has been hacked, group claims

By on September 23, 2013, 8:30 AM

A Berlin-based group of hackers claim they have successfully hacked the fingerprint reader on Apple’s new iPhone 5S just days after its release. The Chaos Computer Club (CCC) said fingerprints should not be used to secure anything as we leave them everywhere and it’s far too easy to make fake fingers out of lifted prints.

In an announcement on the group’s website, a hacker by the name of Starbug was able to use a slightly modified version of a laser printing method developed in 2004 to circumvent Apple’s Touch ID. Specifically, the fingerprint of the user is photographed at 2400 dip resolution. This image is then cleaned up, inverted and laser printed at 1200 dpi onto a transparent sheet with a thick toner setting.

From here, a pink latex milk or white wood glue is smeared into the pattern and allowed to cure. Once that is complete, the latex sheet is lifted from the sheet, breathed on to make it slightly moist then placed on the Touch ID sensor.

This appears to be the first known hack of Touch ID and for the hackers, it could also mean a big payday. A crowsourced bounty program created by security researchers Nick Depetrillo and Robert David Graham has raised nearly $20,000 in various currencies and multiple bottles of booze for the first person to provide a successful hack of Touch ID.

The most recent message on the site as of writing notes they have been contacted by CCC and they may be the winner.




User Comments: 9

Got something to say? Post a comment
OliTheG OliTheG said:

Hey, so remember when I said about 4 days ago that it would be cracked the same way the Mythbusters got into a fingerprint door; by taking a mould of the fingerprint and putting it over a living finger, people laughed at me?

AHAHHAHAHA. I hate to say I told you so, but

fimbles fimbles said:

Fingerprint locks are indeed useless. Not surprising in the least.

lipe123 said:

So just like in every spy movie EVER where the "evil guy" makes a thin fake fingerprint on something else and just places it over his own finger... yeah saw that one coming.

Andysout Andysout said:

Yes fingerprint readers are all like that... it's more of a feature to quickly log into my phone.

3 people like this | Guest said:

...not useless, it's meant for getting the NSA all of our fingerprints...

Tygerstrike said:

A interesting suposition about them wanting our prints. Kinda funny if you think on it. Its a tiny shocking when you think how that fingerprint information could be used. If its not secure how many ppl would be able to use that information. Lets face it, if they murdered someone (the NSA) and they left a copy of your prints, could you prove your innocence??

JC713 JC713 said:

I knew someone would use that method. Any finger print reader can be hacked nowadays.

dennis777 dennis777 said:

Hey, so remember when I said about 4 days ago that it would be cracked the same way the Mythbusters got into a fingerprint door; by taking a mould of the fingerprint and putting it over a living finger, people laughed at me?

AHAHHAHAHA. I hate to say I told you so, but http://www.techspot.com/community/Hey, so remember when I said about 4 days ago that it would be cracked the same way the Mythbusters got into a fingerprint door; by taking a mould of the fingerprint and putting it over a living finger, people laughed at me? AHAHHAHAHA. I hate to say I told you so, but

apparently Apple did not watch that episode, hehe

1 person liked this | captainawesome captainawesome said:

Why is the guy in the video shaking like that?

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.