23 Sep 2013

New iPhone Fingerprint Sensor Hacked with Old Technique

German hackers claim to have breached the new iPhone’s Fingerprint scanner lock with an old but efficient technique. The Chaos Computer Club took a photo of someone's fingerprint left on a glass surface, and then used it to create a fake fingerprint that unlocked the new iPhone 5S secured with TouchID.

“In reality, Apple's sensor has just a higher resolution compared to the sensors so far,” said the hacker who goes by the name of Starbug.

“So we only needed to ramp up the resolution of our fake. As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”

Apple had released the new iPhone last week. The fingerprint sensor was allegedly created to provide more security than previous technology. The idea was motivated by the fact that some users considered entering a password as time-consuming.

The Chaos Computer Club warned that biometrics is “inherently insecure”. “We hope that this finally puts to rest the illusions people have about fingerprint biometrics,” the Chaos Computer Club spokesperson Frank Rieger said.

“It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token. The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.”

The hacking group also published a YouTube video to show how the iPhone 5S can be hacked. The Germans could win over $13,000, booze and Bitcoin currency if their proof-of-concept is accepted by the crowd-sourced project istouchidhackedyet.com. The status of the website offering cash, whiskey and wine for the first hacker who manages to break Apple’s fingerprint scanner stands as “maybe” until they will designate the winners.