Hacking group says photos could be used to fool Touch ID

By

Touch ID may not be so secure, after all. Photo: Apple
Touch ID may not be so secure, after all. Photo: Apple

Europe’s largest collective of hackers, the Chaos Computer Club, claims to have come up with a way of reproducing fingerprints using only a handful of photos (no pun intended) showing your fingers.

Speaking at the 31st annual Chaos Computer Club convention in Hamburg, Germany, hacker Jan Krissler, a.k.a. “Starbug,” said he had managed to copy the thumbprint of German Defense Minister Ursula von der Leyen.

This was apparently done using the commercially available software VeriFinger, using a close-up picture of von der Leyen’s thumb, taken from a news conference in October, as well as some other photos showing different angles of the fingerprint.

Since this means that security measures like Touch ID could conceivably be hacked using only photos, Krissler believes it is likely that politicians will be forced to “wear gloves when talking in public” from now on.

This isn’t the first time the security of Touch ID has been called into question by the CCC. Since Touch ID first arrived with the iPhone 5s, the group has claimed it is possible to unlock an iPhone using a fingerprint replicated with latex.

As with that example, the latest way of circumventing Touch ID may be possible under lab conditions, but it’s not going to be an everyday hack. No security system is perfect, and you’re at far more risk from having someone steal your iPhone and making you unlock it yourself than you are having a James Bond-type snapping photos of your fingerprints using a spy camera, and using this to reconstruct your finger print.

Still, it’s worth being aware of — particularly since technology like Apple Pay means Touch ID is used for more than just unlocking your phone these days.

Source: VentureBeat