The biometrics segment of the German hacking group the Chaos Computing Club (CCC) said it has successfully broken through Apple’s Touch ID fingerprint security on the iPhone 5S.
In a post on the CCC’s website, the group says a fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with Touch ID.
“This demonstrates – again – that fingerprint biometrics is unsuitable as access control method and should be avoided,” the CCC wrote on its website.
A hacker with the nickname Starbug, who worked on the project, said that while Apple’s sensor has a higher resolution compared to other the sensors, it didnt’ change the nature of hacking the Touch ID feature.
“We only needed to ramp up the resolution of our fake”, said Starbug. “As we have said now for more than years [sic], fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”
The CCC published relatively complciated directions for how to trick Apple’s new security feature. Wireless Week was unable to reach the CCC or Apple and was also unable to verify that the hack actually works.
Apple’s Touch ID, which allows users to unlock their phones and Apple accounts using only their fingerprints, was meant to be a major differentiator for Apple’s new iPhone 5S.
Shares of Apple were up nearly 7 percent to $498.29 at the opening bell Monday on news the company had sold a record 9 million iPhones in the first weekend of iPhone 5S and 5C sales.