Watch Apple’s TouchID get defeated by glue

Apple’s TouchID fingerprint scanner was a pretty big feature added to the iPhone 5S. On the company’s website, they claim that “it’s the perfect password.” Something that is always with you and that nobody can duplicate. Well, until now. That escalated quickly.

Whenever you design a new security feature for your device, never claim it’s impenetrable. Nothing gets hackers frothed up faster. Especially when it’s coming from a big and often times arrogant company like Apple. As soon as TouchID was announced, there were already challenges going up on tech sites to see who could be the first to crack it. That honour goes to German team Chaos Computer Club. Their methods for cracking the fingerprint reader were decidedly low tech. No coding experience needed. All you need is a camera, printer, and some glue.

First you need to grab a clean finger print from your victim, and take a high resolution photograph of it. Then you need to flip the image around and print it out. Using a 1200dpi laser printer with a thick toner setting, they copied the print onto a transparency sheet. Next they drizzled ordinary wood glue over the copy. As the glue dries, the ridges from the toner embed in it, creating a perfect replica of the original fingerprint. The final step was to moisten it slightly by breathing on it, and Bobs’s your uncle. You’ve just hacked TouchID.

This isn’t a new technique either. It has fooled the vast majority of fingerprint scanners on the market. In fact, Mythbusters did an episode on this awhile back using the same method. Granted it’s not a quick fix. However, if you have patience and access to their dirty dishes, you can hack into most people’s new iPhones. The best part is that Apple will probably not be able to patch TouchID future firmware update. Which just goes to show. Any security method that requires just one step of authentication, isn’t even remotely secure.

Source: Gizmodo

Image: “Spaceballs”, property of MGM