A Berlin-based group of hackers claim they have successfully hacked the fingerprint reader on Apple’s new iPhone 5S just days after its release. The Chaos Computer Club (CCC) said fingerprints should not be used to secure anything as we leave them everywhere and it’s far too easy to make fake fingers out of lifted prints.
In an announcement on the group’s website, a hacker by the name of Starbug was able to use a slightly modified version of a laser printing method developed in 2004 to circumvent Apple’s Touch ID. Specifically, the fingerprint of the user is photographed at 2400 dip resolution. This image is then cleaned up, inverted and laser printed at 1200 dpi onto a transparent sheet with a thick toner setting.
From here, a pink latex milk or white wood glue is smeared into the pattern and allowed to cure. Once that is complete, the latex sheet is lifted from the sheet, breathed on to make it slightly moist then placed on the Touch ID sensor.
This appears to be the first known hack of Touch ID and for the hackers, it could also mean a big payday. A crowsourced bounty program created by security researchers Nick Depetrillo and Robert David Graham has raised nearly $20,000 in various currencies and multiple bottles of booze for the first person to provide a successful hack of Touch ID.
The most recent message on the site as of writing notes they have been contacted by CCC and they may be the winner.