A group of German hackers called the Chaos Computer Club has reportedly figured out a way to bypass Apple’s new Touch ID fingerprint sensor using a variation of the long-running ‘fake finger’ technique.
The method involves taking a high resolution photo of the original user’s fingerprint, printing it on a transparent sheet with a thick toner setting, and then filling it in with pink latex milk. Here, watch the video…
And here’s the method used by the group (via ZDNet):
“The method follows the steps outlined in a how-to with materials that can be found in almost every household: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.”
The group says the hack reaffirms the notion that biometric security isn’t foolproof, claiming it can be performed with “household materials.” However, it’s not likely that the average person has any of this equipment.
It’ll be interesting to see where this goes from here, but as of now, there’s no cause for concern. The method is just far too complex, with too many caveats, for there to be any real threat to the average iPhone 5s user.
What do you make of all of this?