Apple's Touch ID broken by hacker group?

Apple's Touch ID broken by hacker group?
The Chaos Computer Club has claimed that its "biometrics hacking team" has broken Apple's Touch ID, just days after the release of the iPhone 5s.

Apple has touted the security of its fingerprint scanner system that can be used to unlock an iPhone 5s and for iTunes purchases. It said that the system cannot be beaten as easily as some other fingerprint scanners, which have found to be particularly weak.



In fact, Apple even discounted the possibility that a severed finger could be used.

Enter the Chaos Computer Club, a group many of you will have heard of before. It now claims that just days after the iPhone 5s release, it can already spoof Apple's Touch ID "using easy everyday means."

"A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID," CCC claims.

"This demonstrates again that fingerprint biometrics is unsuitable as access control method and should be avoided."

A hacker with the nickname Starbug claimed all the group had to do was ramp up the resolution of its fake. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."

The group has posted a video which allegedly shows the spoof working.



More information: Chaos Computer Club.

Written by: James Delahunty @ 22 Sep 2013 18:52
Tags
Apple iphone 5s Chaos Computer Club
Advertisement - News comments available below the ad
  • 3 comments
  • Morreale

    Meh, I'm not surprised. I think probably 99% of 5S owners are safe from this ever happening to them though.

    I doubt many will really use this feature anyways once winter comes along. Not worth sacrificing gloves over lol

    *\\\****//\\\***//\\\*****
    **\\\**//**\\\*//**\\\*******
    ***\\\//****\\\ ****\\\****

    22.9.2013 21:04 #1

  • dEwMe

    Err I gotta say if anyone wants my info that bad they can have it or could have gotten it by other means. I am not an Apple fan nor would I ever own an iPhone. I am just saying going to all that work to get the average person's info? Prob not worth it...A fake finger? REALLY? LOL... So maybe not ironclad protection but good enough for your average user and certainly better than that password they are using variations of on 20 or 30 sites across the internet.

    Just my $0.02,

    dEwMe

    23.9.2013 13:49 #2

  • plazma247

    But wasnt it suppose to be an uber secure sub dermal biometric device.. the hack suggests it not at all.

    27.9.2013 19:31 #3

© 2023 AfterDawn Oy

Hosted by
Powered by UpCloud