James Delahunty
22 Sep 2013 18:52
The Chaos Computer Club has claimed that its "biometrics hacking team" has broken Apple's Touch ID, just days after the release of the iPhone 5s.
Apple has touted the security of its fingerprint scanner system that can be used to unlock an iPhone 5s and for iTunes purchases. It said that the system cannot be beaten as easily as some other fingerprint scanners, which have found to be particularly weak.
In fact, Apple even discounted the possibility that a severed finger could be used.
Enter the Chaos Computer Club, a group many of you will have heard of before. It now claims that just days after the iPhone 5s release, it can already spoof Apple's Touch ID "using easy everyday means."
"A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID," CCC claims.
"This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided."
A hacker with the nickname Starbug claimed all the group had to do was ramp up the resolution of its fake. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."
The group has posted a video which allegedly shows the spoof working.