Hackers Work Around iPhone 5s Touch ID Security

| Analysis

The iPhone 5s has been available for only three days and already a group has found a way to bypass the smartphone's Touch ID fingerprint-based authentication system. The group concocted an elaborate system to replicate a fingerprint that's associated with a particular iPhone 5s, and the hack requires physical access to the device.

Apple's Touch ID technology was bypassed only three days after the iPhone 5s was launchedApple's Touch ID technology was bypassed only three days after the iPhone 5s was launched

Touch ID is a new feature built into the iPhone 5s's Home button that allows the smartphone to scan your fingerprint instead of requiring a passcode to access apps and data. According to Apple, the system is more secure than fingerprint reader systems from other companies -- a point that the gChaos Computer Club claims is false.

The group started by scanning the fingerprint associated with an iPhone at high resolution, and then printing it out for transfer to another material such as latex. Once the material holding the print, complete with ridges and grooves, has finished setting up, the group placed it over someone else's finger and used it to successfully unlock the iPhone.

The Chaos Computer Club said, "In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake."

They added that it's a simple process to lift fingerprints and then convert those into fakes that can be used to bypass security systems. "You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints," they said.



While the process CCC showed was fairly straight forward, it isn't exactly a simple process for the average person. It involves successfully collecting a quality fingerprint, scanning it at 2400 DPI or higher, and cleaning up the scanned image and then printing it to an acetate sheet on a laser printer before applying the material that will ultimately hold the fake print.

Assuming someone steals your iPhone with the intent of hacking around Touch ID it's actually much easier to simply make you unlock your iPhone instead of duplicating your finger or thumb's unique patterns. Find My iPhone can also be used to remotely wipe the device and keep anyone from hacking into your personal information.

The bigger problem in this case is that someone else has physical control over your iPhone. When that happens it's much easier to find ways to hack in -- especially since at that point the potential hackers have time on their hands.

Even still, the CCC's Touch ID demonstration does show that Apple's Touch ID technology may not be quite as secure as the company implied.

Working around fingerprint security systems is something that people have been doing for years, and Apple doesn't force iPhone 5s owners to use Touch ID. It's a convenient alternative to using a four-digit passcode, and is still more difficult to work around.

For me, Touch ID is a wonderful convenience. It only took me about an hour before I was completely hooked. There may be some security concerns about fingerprint scanning technology, but I'm sticking with it -- and I'm not telling which finger I'm using.

Popular TMO Stories


Lee Dronick

That is okay, the NSA has long since hacked the Chaos Computer Club.

Seriously, I thought that Touch ID was scanning the underlying fingerprint, not the surface. Is that not the case?


Obligatory xkcd reference…



By the time the thieves have had time to get my phone back to their evil lair, then work through this convoluted process, I’ll have it wiped anyway!


You leave finger prints on the phone itself. So they have all they need to get in. Unless you scan a finger that you never use to touch a surface of the phone.

Anyway, my question is simply whether the finger print is harder or easier to work around than a 4 digit pass code?

Situations: 1) they have you and the phone 2) they have just the phone.

1) They forcibly swipe all your fingers over the home button until it opens.
2) They need some equipment and knowledge, but anyone so determined can lift finger prints, make a double, and gain access.

1) They coerce you into revealing the passcode.  If this is police then you can’t legally be tortured into revealing the code, so they might be stuck with #2.
2) They just need time. If you try to type the passcode on the device after 10 tries, if configured, the device wipes itself. But if you also have some equipment you can copy the data (still encrypted) and get infinite tries. How long does this take to crack? It’s 10^4 combinations to try, which probably doesn’t take too long.

The finger print is much more convenient. If it’s a similar level of security then we might as well use it.  If you have data on there you want to keep from the police don’t use it. If you have really important data use a long password.  For the common folks I’m guessing the finger print is fine.


I watched the video, but I see nothing that indicates that the second finger wasn’t already authenticated in the phone. Since you can authenticate up to 5 digits, I don’t see any “proof” that their elaborate scheme actually worked.


This is why I’ve not been a fan of biometrics. I can change my password. I can’t change my fingerprint.


Jeff, your last sentence is insightful. Even if you had the skills to make the fake finger, had physical access to the phone, and were able to find usable fingerprints on it, you still would have to go through the entire process before you knew you had the print for the correct finger. This might be a tool for international espionage, but not for everyday crooks with everyday iPhones.


To me, these scenarios are far-fetched. The street thugs who stole it will have fenced/sold it long before it could be cracked, except by real geeks. And the perp’s fingerprints will be on it as well, making it more difficult to do all this. And what if the thief wipes it to remove his fingerprints?


I am wondering if Apple has not implemented the full print recognition capability in this initial phase.  There was talk of scanning the ‘living layer’ and maybe with the iPhone 6 with a processor speed increase they can better utilize the full scanning capability of Touch ID technology.  Either living layer verification or even higher resolution capability or some other way to verify living tissue.  I suspect they have ways with the technology to get more refined down the road.

Lee Dronick

  I watched the video, but I see nothing that indicates that the second finger wasn’t already authenticated in the phone. Since you can authenticate up to 5 digits, I don’t see any “proof” that their elaborate scheme actually worked.

Makes you wonder who is the group, for whom they may work, someone who has an agenda to discredit Apple’s products?



Until there is independent reproduction of the methodology used by CCC, this is not proven.

Assuming that what they did is 100% true, the fingerprint scanner as an unlock feature is extremely valuable to me.  I now have an iPhone5s, and unlocking it is almost as convenient as having no lock at all. Which is the point.  Now people will leave their phone locked more often, and that will protect their privacy.

To use CCC’s method, FIRST you have to obtain a good fingerprint.  Then do all the steps to make their copy.  The casual lost phone couldn’t be hacked into, which is what Apple is trying to prevent.  I don’t want my competitors to read my e-mail, and this prevents that. 



I thought the 5s recognized up to 10 prints at one time. Either way, repeat this with at least one more person than what the phone stores at one time, then I might believe it. It seems to me the scanner is simply scanning through the latex (or whatever the base material is). When my phone gets delivered (HOPEFULLY TOMORROW!!!) I’m going to see what materials and at what thickness the scan will work through.


It’s the usual anti-Apple alarmism at work.  Where is the similar outrage over the fact that a simple photo is all you need to defeat Google’s “Face-unlock” feature? 

Consider that a victim would probably have turned on the new iOS Activation Lock feature and bricked their phone long before the laborious process of obtaining high rez prints and making latex models was completed.

Not to mention that this is indeed FAR more secure for those 50% of users who don’t lock their phone with a pin code.


Why don’t they make it more interesting by lifting a fingerprint by the dusting process from the phone and not scan their finger and then duplicate it by the process they mentioned to see whether it still work.


Two words: Iris scan.

Lee Dronick

There is a probably a better chance that you will get struck by lightning while cashing in the winning lottery ticket than this exploit being done in the wild.

Paul Goodwin

Haha Lee on your last comment. Like we have so many high tech master crooks running around. 99.999 % of the crooks would probably have more of their own fingerprints on the phone than yours within minutes of stealing it. We’ll have to see if there’s a run on fingerprint lifting kits. LOL is there such a thing?

I posted a note on Snopes.com for them to debunk this myth. The thieves are after the phones to sell them to buy more drugs, not to steal your data. They can’t sell what can’t be used. And what self respecting high tech master hack criminal is going to waste his time stealing telephones? This whole thing reeks of paid Apple bashing or just idiots after a viral Internet article.

Lee Dronick

  This whole thing reeks of paid Apple bashing or just idiots after a viral Internet article.

In all seriousness it is possible that this an attempt to sabotage sales of the iPhone.


Paul Goodwin

Nothing these days would shock me in business.

Lee Dronick

Ummm, don’t have to use a fingerprint, you can use a http://www.opposingviews.com/i/technology/gadgets/people-using-their-nipples-unlock-apples-iphone-5s-video

Paul Goodwin

BWAHAHAHA Lee. Now that would be a sight

Lee Dronick

I suppose that you could also use the tip of your nose.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account