A hacker who lifted a fingerprint to bypass Apple's new Touch ID has urged calm saying the login measure was still valid.
The biometric mechanism was first bypassed this week by Chaos Computer Club user Starbug who used an altered photograph, a printer and latex to replicate a fingerprint to unlock the new iPhone 5s.
Lookout security researcher Marc Rogers also bypassed the identity checker using the 'Gummi Bear' technique proposed by Japanese cryptographer Tsutomu Matsumoto in 2002 which used gelatin to replicate fingerprints.
Gelatin has close to the same capacitance as human skin, meaning it fooled scanners that detected electrical charges.
But the technique was highly complicated and out of range of most run-of-the-mill thieves, Rogers said.
"Creating the fake fingerprint is arguably the hardest part and by no means 'easy'," Rogers said.
"It is a lengthy process that takes several hours and uses over a thousand dollars worth of equipment including a high resolution camera and laser printer."
Touch ID was a mechanism tilted more on the side of convenience than tough security and the average consumer should not be concerned that it had been bypassed, Rogers said.
Read more details of the hack on Rogers' blog.
_(5).jpg&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
