Touch ID success

Over the weekend, a group of hackers called the Chaos Computer Club announced that it had managed to bypass Apple’s Touch ID system using the popular ‘fake finger’ method involving a hi-res photograph, and pink latex milk.

As you’d expect, the announcement has caused quite a commotion, and has a lot of folks concerned. But according to security expert Marc Rogers, they shouldn’t be. He says the average consumer has nothing to worry about…

Here, Rogers explains how difficult it would be to replicate the hack (via ArsTechnica):

“First you have to obtain a suitable print. A suitable print needs to be unsmudged  and be a complete print of the correct finger that unlocks a phone. If you use your thumb to unlock it, the way Apple designed it, then you are looking for the finger which is least likely to leave a decent print on the iPhone.

Next you have to “lift” the print. This is the realm of CSI. You need to develop the print using one of several techniques involving the fumes from cyanoacrylate (“super glue”) and a suitable fingerprint powder before carefully (and patiently) lifting the print using fingerprint tape.”

And even after all of this, all a thief would have thus far is a slightly smudged print on a white card. They’d still have to create the fake fingerprint, which is, according to Rogers, the hardest part requiring the most skill and materials.

He sums it up by saying that the whole thing is still in the realm of a “John le Carré novel,” meaning it’s nothing that your average thief would be able to do. And don’t forget, Touch ID times out after 5 rejected fingerprint attempts.