Apple's Touch ID is Still Vulnerable to Faked Fingerprints

Apple's Touch ID is Still Vulnerable to Faked Fingerprints

Posted by · 11113 views · Translate
Security on the Apple Touch ID fingerprint reader of the iPhone 6 has only been marginally tightened and it's still vulnerable to a simple fake fingerprint hack, reports Marc Rogers, chief security researcher at Lookout Mobile Security.

"I don't think people need to worry just yet, but there are distinct flaws that could lead to problems down the line, he told CNET. Rogers used the same low-budget technique to fake fingerprints and unlock the iPhone 6 as he demonstrated previously on the iPhone 5S.

"Sadly there has been little in the way of measurable improvement in the sensor between these two devices," he wrote. "Fake fingerprints created using my previous technique were able to readily fool both devices."

The only notable improvement is due to the better Touch ID sensor. Slightly "dodgy" fake fingerprints that were able to fool the iPhone 5s, did not work on the iPhone 6. To trick the iPhone 6 you need to make sure your fingerprint clone is clear, correctly proportioned, correctly positioned, and thick enough to prevent your real fingerprint coming through to confuse it.

While that is a slight improvement, Rogers says he can't help but wish Apple did more to tighten security.

"I can’t help but be a little disappointed that Apple didn’t take this chance to really tighten up the security of TouchID. Especially when you consider their clear intention to widen its usage beyond simply unlocking your phone into the realm of payments."

If you want to see how a fingerprint is lifted and cloned for use with Touch ID, check out these videos.

Read More [via CNET]


Apple's Touch ID is Still Vulnerable to Faked Fingerprints
Daniroxx - January 24, 2015 at 6:55pm
Nice article.. Visit http://softwarespatch.com for more stuff
cryinShame - October 29, 2014 at 6:56pm
"Rogers says he can't help but wish Apple did more to tighten security." How about: Rogers wishes Apple would tighten their security. So do we.
Bdiz - September 25, 2014 at 3:53pm
I think he should try it in real life. Lift a fingerprint from a reporter and then back into that reporter's device. All while conducting the interview.
cryinShame - October 29, 2014 at 6:58pm
Perhaps Mat Honan?
Tomy123 - September 25, 2014 at 6:47am
This is fake and never in live demonstrated!.
7 More Comments
Recent