Hackers show how to bypass iPhone’s fingerprint sensor [VIDEO]

Graham Cluley
Graham Cluley
@[email protected]

Fingerprint Hackers from Germany’s Chaos Computer Club appear to have successfully worked out how to trick the fingerprint sensor on the iPhone 5S, to give a (determined) intruder access to the locked smartphone.

A blog post from the Chaos Computer Club claims that the Touch ID biometric security on the newly-released iPhone 5S was successfully bypassed.

To prove their point, they have released a YouTube video:

hacking iphone 5S touchID

Sign up to our free newsletter.
Security news, advice, and tips.

According to their announcement, the Chaos Computer Club used a method of fooling fingerprint sensors that they first published on their website in 2004:

First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.

It’s worth remembering that fingerprints are not secrets. You literally leave them lying around everywhere you go, and they could be picked up by others.

Relying on your fingerprints to secure a device may be okay for casual security – but you shouldn’t depend upon it if you have sensitive data you wish to protect.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.