Chaos Computer Club has claimed that they have managed to break Apple’s TouchID using everyday material and method available on the web.

Explaining their method on their website, the CCC hackers have claimed that all they did was photograph a fingerprint from a glass surface, ramped up the resolution of the photographed fingerprint, inverted and printed the fingerprint using thick toner settings, smeared pink latex milk or white woodglue onto the pattern, lifted the latex sheet, moistened it a little and then placed it on the iPhone 5S’ fingerprint sensor to unlock the phone.

Starbug, one of the hackers whose experiments on the TouchID which led to successful bypass of the phone’s security, said, “In reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake”, said the hacker with the nickname Starbug.

CCC claims that biometric security systems like fingerprint scanning have been designed for “oppression and control” and that such technologies cannot be used to secure everyday data and should be avoided. CCC spokesperson, Frank Rieger, said “It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token.”

You can check out a small demonstration video below:

  • FYI, this isn’t cracking. That is a common weakness in all fingerprint recognition systems, and old attack as well. The title for this article is misleading, as the encryption and underlying subsystems wasn’t cracked, but that the fingerprint was copied. It is more accurate to say that the fingerprint can be copied and used to unlock an iphone 5S.

    • tridus

      it’s a known weakness of all fingerprint recognition systems, which is why fingerprint recognition systems are crap and not anything resembling security.

  • Additional note: Just because it’s a finger print scanner doesn’t mean that it is always a fingerprint that it is keyed to. *hint* *hint* So the print that unlocks the device can be changed.

  • whycantibeanon

    C’mon, CCC… Lifting a fingerprint and calling that as “breaking the iPhone 5S touchid” is really stretching the term “broken” just to gain some fame and recognition. Weak.

  • Mark Jacobs

    Apple should be using retina-scanning technology by now. After all, they’ve had 6 years since 2007’s first iPhone release. Come on, pull your finger out (pun intended!).