German hackers have figured out how to bypass Apple’s new Touch ID fingerprint scanner over the weekend using a variation of a long-running biometric security flaw.
Essentially what takes place is the user takes a high resolution photo of the original fingerprint, then prints it on a transparent sheet with a thick toner setting and finally it is then filled with pink latex milk.
Here is the official explanation (via ZDNet) from the German Hackers who go by the name of Chaos Computer Club.
“The method follows the steps outlined in this how-to with materials that can be found in almost every household: First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.”
The average person doesn’t likely have any of this equipment lying around their house, but the group of hackers reaffirmed the notion that biometric security doesn’t come without its flaws. I am sure this is the first of many bypasses to surface around Apple’s Touch ID fingerprint sensor, but this particular method is too complex for iPhone 5s users to have to worry about.