Chaos Computer Club last week claimed that they have successfully bypassed Touch ID, by creating a fake fingerprint model can successfully unlock iPhone 5s phone. Starbug the members of the CCC, security expert Marc Rogers, described in detail in the video fingerprint model making process, and that the average consumer is nothing to worry about.
The video can be seen, CCC iPhone 5s from the body of the user’s fingerprint collected, and then complicated production steps, the fingerprint can be converted into a printing material. According Starbug description, the entire replication process “easier than you imagined and more” – they only took 30 hours to complete the fingerprint will be copied. “In fact, I quite disappointed, I thought I had to spend one to two weeks in order to crack, which did not challenge the fundamental point, break the process is very simple. Touch ID is a very reliable security system, however, users only need to consider its convenience, rather than security. ”
Starbug said cracking fingerprinting “simple”, and use such as “scanners, laser printers and the printed circuit board etching kit” such cheap things, to crack. Equally successful crack fingerprint identification Marc Rogers did not agree with this statement, saying that “experimental supplies are not cheap, to spend thousands of dollars.”
But the reality is that these flaws without ordinary consumers worry. Why? Because crack process is simple, but it is extremely trivial step.
To crack Apple’s fingerprint identification, need to have a variety of skills and considerable academic research and crime scene technicians as patience.
Rogers went on to explain, crack also need uncontaminated, clear, complete, and correct fingerprints in order to use cyanoacrylate, fingerprint powder and fingerprint tape to copy fake fingerprints. The fingerprint image itself must be professional photography, editing, retouching, and printing on the transparent film, and then etching the printed circuit board package or laser printer, the fingerprint image into true to unlock the tool.
Even if all these steps are all successful, really use it to unlock the phone is also very tricky, and very easy to break failed.
And these are by no means a common street thief can do. Even if he did all these things out, if you try five times, fake fingerprint recognition did not succeed, he will come to naught, because the device will ask you to use a password to unlock it.
However, we should be clear: Touch ID is too small chance of being targeted. An attacker who time and resources, will carefully analyze the target and its associated information data, which led to his On balance, do not take the risk to try to crack the fingerprint this road. So fortunately, fingerprint identification crack for us, not a threat.
Despite Touch ID has been falsified fingerprint information crack, but Apple’s fingerprint sensor works is still a mystery. Apple says the surface of the sensor can pass through payments dead skin dermis layer of the finger scans high-definition resolution fingerprint images. So, theoretically speaking, which is why fake fingerprint to fool the sensor causes. Starbug speculated that Apple’s desire for security is extremely high, and pointed out that if the characteristics of human tissue, “close enough”, then the Touch ID will be defeated.
Since its release, Touch ID has always been a lot of serious study. U.S. Senate Al Franken sent a letter to Tim Cook, made a lot about the security of the sensor system, and accurate fingerprint stored procedure problem, Apple has also been released to the public on the Touch ID Knowledge Base article to explain the benefits of Touch ID, eliminating some consumers worry.