iPhone 6 can be unlocked with fake fingerprints

Apple iPhone 6The Touch ID security technology implemented in the new iPhone 6 models from Apple is vulnerable in the same way as demonstrated last year on iPhone 5S, allowing an individual to bypass verification with a fake fingerprint created from regular glue.

The technology is currently used to authenticate the owner of the device during the unlock process, as well as for approving purchases in Apple's digital stores.

After cloning a fingerprint used to lock iPhone 5S and 6 devices, security researcher Marc Rogers from Lookout successfully unlocked both phones (check the video below), albeit he noticed some improvements in the latest model.

He relied on the same fingerprint cloning technique used for the experiment on the 5S model last year.

Rogers says that the first step is to acquire the fingerprint, which has to be clear of any smudges; a high resolution camera is also necessary for an accurate image that is then printed without any distortion, with high toner density, so that the print stick out. The next step is to impress the print on a thin layer of glue.

The researcher noticed some improvements in the new sensor, as the scanning resolution is higher, experiencing greater accuracy at recognizing the real fingerprint.

Moreover, during his experiment, the success with more flawed cloned fingerprints on iPhone 6 was smaller than on the 5S device, which points to the conclusion that the clarity of the print has to be higher in order to fool the Touch ID sensor.

“To fool the iPhone 6 you need to make sure your fingerprint clone is clear, correctly proportioned, correctly positioned, and thick enough to prevent your real fingerprint coming through to confuse it,” Rogers says in a blog post.

iPhone 6 can be unlocked with fake fingerprints

Despite successfully unlocking the device with a fake fingerprint of the iPhone’s owner, Rogers says that reproducing the experiment in the wild is unlikely to be a success because there are plenty of challenges that can be overcome in the lab, “but are likely to make it a little bit harder for a criminal to just ‘lift your fingerprint’ from the phone’s glossy surface and unlock the device.”

“The attack requires skill, patience, and a really good copy of someone’s fingerprint — any old smudge won’t work. Furthermore, the process to turn that print into a usable copy is sufficiently complex that it’s highly unlikely to be a threat for anything other than a targeted attack by a sophisticated individual,” he adds.

Source: Softpedia

Tags: Apple, break, hackers, iPhone, smartphones

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
The NVIDIA GeForce GTX 1180 will be Turing-based with a 12nm FinFET die shrink
 
This only works on posts made by profiles that are public
 
 
The device will be standalone and based on a Qualcomm chipset
 
Apple plans on offering a cheaper smart speaker that will be priced at $199
 
Chrome will adopt a new approach to indicating site security
 
Data shows they are leading smartphone sale worldwide
 
Is this an error or it is really happening?
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
  12345
6789101112
13141516171819
20212223242526
2728293031  




Poll

Do you use microSD card with your phone?
or leave your own version in comments (10)