iPhone fingerprint sensor hacked by Chaos Computer Club

461 Flares 461 Flares ×

It only took two days before Apple’s fingerprint sensor got hacked. Germany’s Chaos Computer Club cracked the protection around the Apple fingerprint sensor on the new iPhone 5S, only two days after the device went on sale worldwide.

The group posted on their site saying that their biometric hacking team took a fingerprint of the user photographed from a glass surface and then created a fake fingerprint which could be placed on a thin sheet of film and used like a real finger to unlock the iPhone.

The claim may have been easily dismissed in certain quarters, but the group uploaded a video as well to proof their success. The story will cause concern for many businesses who may have felt that the new fingerprint reader was a move forward in regards to keeping their mobile devices secure.

An Apple employee, right, instructs a journalist on the use of the fingerprint scanner technology built into the company's iPhone 5S during a media event held in Beijing, China, Wednesday, Sept. 11, 2013. For the first time since introducing the device that has reshaped technology and culture, Apple will offer two distinct versions of its latest iPhones - a cheaper model made of colorful plastic and another one that aims to be "the gold standard of smartphones" with a faster processor, fancier camera and fingerprint scanner for better security. (AP Photo/Ng Han Guan)

An Apple employee, right, instructs a journalist on the use of the fingerprint scanner technology built into the company’s iPhone 5S during a media event held in Beijing, China, Wednesday, Sept. 11, 2013. (AP Photo/Ng Han Guan)

Starbug, a member of the Chaos Club said “This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided. In reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake. As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”

While this is not as severe as actually hacking the phone and extracting the fingerprint respresentation it proves that the methodology is not perfect.

This is now the third security failing for Apple since the new phone and iOS7 were released last week. One found the Emergency Call screen can be used to place a call to any number, and another showed a flaw in iOS7 Control Centre to access photos and send emails.

The Chaos Computer Club detail how they unlocked the phone with a fake print. They took a fingerprint from glass. The print is made visible using graphite powder or a component of superglue and then photographed at high resolution to create a 2,400 ppi scan. That is then printed onto an overhead projector plastic slide using a laser print, forming a relief. This is then covered in wood glue and attached to a real finger.

Kitguru says: 2 days, must be a new record.

VN:R_U [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
461 Flares Google+ 0 Twitter 2 Reddit 0 StumbleUpon 0 Email -- Facebook 459 461 Flares ×

2 Comments
  • zsfsd
    September 23, 2013
    #1
    VA:R_U [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

    somethings wrong with your hand dude

    VA:R_U [1.9.22_1171]
    Rating: 0 (from 0 votes)
  • Laser4me
    September 25, 2013
    #2
    VA:R_U [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

    really? great reporting, 3 security claims all of which are bullshit. 1 the phone in video is fake as its not 5S they forgot their extra hole thats not there between ear speaker and the left edge. Plus the ear speaker is the old one huge 5 S is much smaller and it shows cause the time on screen is half the size of the ear piece on 5S it is almost lined up. the flaw about the other 2 are settings. an emergency call to call an ICE number so you can call others to tell them of emergency. if it was only 911 it would be a 911 button only. not dial pad. the control center thing is also a setting allowing access on lock screen to those features . Um yeah something is wrong with his hand plus grease on phone makes it CRYSTAL clear. That phone is fake fake.

    VA:R_U [1.9.22_1171]
    Rating: 0 (from 0 votes)
Leave a Reply:



 

Polls

As i51 kicks off, how often do you game on a PC?

View Results

Loading ... Loading ...
KitGuru Facebook
*
Latest News Latest Previews
Related Posts
Archives