iPhone 5s Touch ID tricked with fake fingerprint

Fame has its price, making you a bigger target than the kid down the street, as exemplified by this latest demonstration involving the newly released iPhone 5s and its much advertised fingerprint sensor. Hackers from Germany's Chaos Computing Club (CCC) have shown how they were able to deceive Apple's latest security feature into believing they're someone they're not.Apple's iPhone 5s, which just became available in stores last Friday, features a new biometrics-based security system that involves analyzing a user's fingerprint and using that to unlock the phone. You can read up on how the technology works, as well as our overall impressions of the iPhone 5s, in our detailed review. While Apple is hardly the first to introduce such a security system, the iPhone 5s is probably the first to distribute it to such a massive market.

Naturally, not everyone is happy about it or even believes that the technology is a more secure alternative. CCC member Starbug released a video as well as instructions on how the group managed to dupe the Touch ID using a fake fingerprint produced from a printed high-resolution photograph of an actual fingerprint, doused with latex milk and breathed on for a good measure of human-like moisture. The results, which you can see in the video below, seemed taken right out of a spy film, but is hardly unsurprising. The procedure did not actually compromise the security feature, but it was enough to drive home the point.

The CCC are not big fans of biometric security system, even going as far as successfully lifting and cloning the fingerprint of a German politician who was vocally in favor of implementing such measures to combat terrorism. The procedures the CCC shared even gave details on how to best lift fingerprints, using well-established methods already being used in forensics or even just household materials like superglue.

Of course, there could be other simpler, less covert ways to unlock the iPhone 5s, which is made easier when one has access to both the device and the owner themselves, but this incident should be a reminder not to fall into the trap of substituting technology for safe practices or even a pinch of common sense. This brings a whole new meaning to the saying keep your hands, or in this case, fingers, to yourself.

SOURCE: Chaos Computing Club

VIA: Ars Technica