14 DAY TRIAL // Germany’s Chaos Computer Club (CCC) has managed to hack Apple’s Touch ID. What’s interesting about it is that the CCC’s biometrics hacking team used a method which they outlined in 2004, and which only requires materials that can be found in almost every household.
When the iPhone 5S was launched, Apple advertised Touch ID as being more secure than previous fingerprint technology. Some even offered a reward to anyone who managed to hack it.
However, the hackers claim that the only difference between Apple’s sensor and others is that it has a higher resolution. This means that the Touch ID can be cracked with the same basic process that has been used against the majority of other sensors.
The CCC simply photographed the fingerprint at a resolution of 2,400 dpi, and printed it onto a transparent sheet at 1,200 dpi. Then, pink latex was put on top of it to create the fingerprint impression. Finally, the latex sheet was removed and used to unlock the iPhone.
“We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token,” CCC spokesperson Frank Rieger noted.
“The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.”
So should you trust Touch ID to protect your data? As security expert Graham Cluley highlights, you can rely on it for “casual security.” However, if you’re storing highly sensitive data on your device, it shouldn’t be the only security mechanism to use, especially since your fingerprints are not difficult to obtain.
Here is the CCC’s demonstration video:
