Apple iPhone 5S main seller—the fingerprint sensor—was successfully hacked by a biometrics hacking team.
The Chaos Computer Club (CCC) detailed on its blog post the steps done to get around the touch ID fingerprint scanner of the new iPhone. The hacking team created a fake finger in order to unlock the iPhone 5S which only proves that fingerprint biometrics isn’t that secured enough as what Apple had claimed.
"In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake", said the hacker with the nickname Starbug, who performed the critical experiments that led to the successful circumvention of the fingerprint locking. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints."
The hackers outlined the steps they did to bypass the fingerprint scanner. The first step is to take a photo of a fingerprint of the owner using a camera that has a 2400 dpi resolution. It is then printed using laser technology. The last step is to smear a transparent sheet with a glue to create a pattern of the fingerprint. Once it dries out, the pattern can be lifted. The hacker is now ready to use the pattern as a fake finger to unlock the device.
The CCC decided to reveal the technique in order to prevent people from being deceived about the fingerprint technology that Apple has been promoting.
"The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access."
Watch the video documentation of the fingerprint scanner bypass process courtesy of the Chaos Computer Club.