Apple Touch ID, Target For Hackers, May Already Be Defeated

The iPhone 5S has been in the public's hands for one weekend, and already the battle cry has gone out: who can be the first to hack the new phone's Touch ID fingerprint scanner?

By Saturday one group, known as the Chaos Computer Club, claimed that their biometrics hacking team had "successfully bypassed the biometric security of Apple's TouchID using easy everyday means. A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID."

Watch the video see how the process, which involves "everyday" items like transparent sheets, a laser printer, pink latex milk and white wood glue can bypass the biometric sensor on the new iPhone 5S.

This type of methodology, which has been around since the first season of Alias, is pretty much par for the course for biometric hacks, as are far more gruesome methods that involve coercion and dismemberment to get the fingerprint you need. But if it works, it works.

The stakes are rather high. Not only are hackers seeking the glory of being the first to crack through Apple's vaunted biometric security, but there's also an open bounty of about $16,000 being offered by the site Is Touch ID Hacked Yet for the first proved method to hack the iPhone 5S system.

The bounty site is aware of the German group's technique, though it is waiting for video confirmation that the method can be duplicated by lifting a print from any object, such as a glass or cup.

"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can't change and that you leave everywhere every day as a security token", said Frank Rieger, spokesperson for the Chaos Computer Club.

 

Image and video courtesy of Chaos Computer Club.