German hacker group the Chaos Computer Club (CCC) have reportedly cracked the iPhone fingerprint scanner, just two days after Apple launched the technology.
If the group’s claim is verified, it will cause Apple some considerable embarrassment, as they had promised that the new technology would better protect their devices from criminals and snoopers. They were counting on the ‘Touch ID’ fingerprint scanner to set them apart from Samsung and other Android operators.
Touch ID allows users to unlock their Apple devices and make purchases on iTunes by simply pressing their finger on the home button.
The CCC is one of the world’s biggest and most-respected hacking groups, leading prominent iPhone security experts to back the validity of their claim. Dino Dai Zovi, co-author of the iOS Hacker’s Handbook said: “I think it’s legit,” adding “The CCC doesn’t fool around or over-hype, especially when they are trying to make a political point.”
The group are claiming to have targeted the Touch ID technology to highlight the problems surrounding fingerprint readers:
“Fingerprints should not be used to secure anything. You leave them everwhere, and it is far too easy to make fake fingers out of lifted prints,” the hacker Starbug was quoted as stating on the CCC’s site. CCC spokesperson, Frank Rieger, is also dismissive of the technology:
“We hope that this finally puts to rest the illusions people have about fingerprint biometrics,” he wrote. “It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token.”
They have apparently overcome Touch ID by phtographing an iPhone user’s fingerprint and printing it on to a transparent sheet. The sheet is then used to mould a “fake finger.”
An online contest seeking the first hackers to crack the latest iPhone technology was launched to align with the release of the latest iPhone. It is not sure whether the CCC will win the cash and other prizes from the contest. Competition founders Nick DePetrillo and Robert Graham are requesting further proof:
“We are simply awaiting a full video documentation and walk through of the process that they have claimed,” said security researcher DePetrillo, while Graham added, “When they deliver that video we will review it.”
Graham and DePedrillo asked for people to contribute to thir original €150 online prize fund, which has raised the prize money total to more than €9,600.
The iPhone and its iOS operating system has already come uder fire for two bugs involving access issues. Apple has promised to fix these in upcoming software updates, but the Touch ID hack is likely to prove much more difficult to remedy.