Group that hacked Touch ID last year, is back with an easier way to fool your fingerprint scanner

Group that hacked Touch ID last year, is back with an easier way to fool your fingerprint scanner
Apple's Touch ID not only allows you to unlock your phone using your fingerprint, it also allows you to verify an Apple Pay transaction. Your fingerprints are supposed to belong only to you, making identifications using them "positive." But what would happen if it turns out that a fingerprint scanner isn't such a great security tool?

A group of hackers, the largest such group in Europe, now says that they can take a few photographs of your fingers, and employ commercially available software, to break into a fingerprint recognition system. The claim was made by the Chaos Computer Club at their 31st convention. Using the VeriFinger software, the Club's Jan Krissler copied the thumbprint of German Defense Minister Ursula von der Leyen. Krissler used photos showing a few different angles of the Defense Minister's thumb to help produce the image.

If the Chaos Computer Club sounds familiar, you might recall that last year the group announced that it had developed a way around Touch ID on the Apple iPhone 5s. The process involved the production of a latex sheet that would include an image of the "stolen" fingerprint. The sheet would be used to trick Touch ID into believing that the phone's owner was pressing the handset's home button. The latest technique involves the use of a regular camera and widely available software. The pictures of the German Defense Minister's fingers used for the demonstration, were taken during a press conference in October.

This doesn't necessarily mean that fingerprint based security measures like Touch ID are useless. Nor does this mean that you should be wearing gloves at all times in case someone wants to snap pictures of your fingers. Just keep in mind that fingerprint scanners are just one tool in your arsenal against those who want to steal your personal data. This might be a wake up call for those who should be looking at multiple methods for securing their phone.


source: VentureBeat via RedmondPie

FEATURED VIDEO

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless