Ever since Apple announced their new fingerprint security feature, called Touch ID, on the new iPhone 5s earlier this month, hackers and the press were wondering just how secure the new feature would be. Now that the phone has been released to the public, the well-known German hacker group, Chaos Computer Club, put the Touch ID feature to the test and found that it falls victim to the same shortfalls of other fingerprint recognition security, just with a little more work needed.
This hack is fairly sophisticated and shouldn’t create any security issues for 99% of iPhone 5s users. Regular thieves will more than likely find the process too complex to perform, making this more a task for high level thievery. To bypass the feature, the fingerprint of the phone user would need to be lifted and photographed from a glass surface using an extremely high-resolution capture. The hacker claiming responsibility for the hack, Starbug, mentioned that “in reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake”.
There are a lot more technical details on the Chaos Computer Club website if you were really interested in how it is done, or you can check out the brief video posted below. The group is Europe’s largest association of hackers, and is around not to gain sensitive information from users, but as a hacktivism group that provides information on the technical problems of our current security measures. No technology or security features are perfect, but some security is definitely better than no security.
Sources: Chaos Computer Club