Germany’s Chaos Computer Club (CCC) broke Apple’s TouchID system about a day after the 5S was released.
“A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID,” CCC wrote on its blog Saturday. “This demonstrates–again–that fingerprint biometrics is unsuitable as access control method and should be avoided.”
Since the 5S was unveiled on Sept. 10 during an Apple keynote address, security specialists have feared that the new fingerprint system could be accessed surreptitiously by the National Security Agency (NSA). Apple has stated that all fingerprint data is stored on each phone only.
“As we have said now for more than years, fingerprints should not be used to secure anything,” said Starbug, one of the hackers involved in the experiment. “You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”
As the first group to officially hack Apple’s system, CCC may have just won some serious cash courtesy of Nick DePetrillo, a security researcher.
On Sept. 18 DePetrillo announced that he would dole out money to any hacker who “lifts a print off the iPhone 5s screen, reproduces it and unlocks the phone in [less than] five tries.”
Check out the short video below of CCC cracking TouchID.
Screenshot via YouTube