Mobile Commerce & Other Media Ltd

MCOM Blog

Apples Fingerprint security not so secure after all.

September 25th 2013

Apple’s new fingerprint based security system on Apple’s latest iPhone may not be as safe as you might think. A German hacking group has managed to bypass the security with a household printer and glue!

German hacking group, the Chaos Computer Club said they managed to trick the biometric sensor in the 5S simply by creating an artificial copy of a genuine fingerprint.

The group took a high-resolution photograph of a fingerprint left on a glass surface, printed it onto a transparent sheet and smeared the pattern with wood glue. Once the glue set, it was peeled off and placed on another finger to mimic the genuine print.

Apparently it was pretty easy for the group to do. In an interview with The Associated Press, Dirk Engling said, “We used this method 10 years ago and didn't have to change much for the iPhone. The hardest bit was getting hold of one of those new iPhones because they are chronically sold out.”

The Chaos Computer Club, who have a long history of finding security flaws in soft- and hardware, videoed the whole thing so independent experts could verify it.

A senior security researcher at Kaspersky Labs, David Emm, said the group’s claims exposed the flipside of biometric security systems. “If my passcode becomes compromised, I can simply replace it with a new one hopefully one that's more secure. But I can't change my fingerprint it's part of what I am and so I'm stuck with it," Emm said.

Engling suggested that Apple could have made its fingerprint system more secure, but that this may have caused problems for users if they didn’t swipe their finger across the miniature scanner properly and ended up locked out of the device after repeated failed attempts.

Return

Welcome to the MCOM Blog. We will try keep you up-to-date with our latest new, amaze you with at our findings and informed about whats going on in the world of mobile commerce...


Our clients


Vodafone EE Orange Virgin Mobile Three T-Mobile O2