Authored by:

3 ways to bypass Apple's fingerprint scanner [Update]

Authored by: Kris Carlon — Sep 25, 2013

It didn't take long for hackers to bypass the iPhone 5s fingerprint scanner. As soon as the new devices and iOS7 were launched with the added security feature, hack-minded folk got busy finding ways to bypass or render obsolete the much-lauded new security enhancement. So far there's been three interesting ways to get past the fingerprint scanner, some more serious than others, with varying degrees of success. But considering the new feature has only been out for a couple of weeks we expect to see a lot more soon.

impronte digitali smartphone
Your fingerprint is not as safe as you might think. / © CPOA@Flickr

Make a fake finger

Perhaps the most problematic and high tech of the ways to hack the iPhone fingerprint scanner, is the fake fingerprint made by German hacker group, Chaos Computer Club. The group demonstrates in a YouTube video how to create a fake fingerprint from a photograph of the user's finger – something not hard to come by in this world of shiny fingerprint-loving surfaces, like the front of the iPhone for example.

Link to Video.

The following description of the process comes from the group's website:

First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone.

Use an iOS7 loophole

It was only out for a few hours when this major security loophole in iOS7 was revealed. First, Jose Rodriguez found that the new operating system was not so secure after all. He discovered a way to bypass the fingerprint scanner and get to the phone's contacts and photos through a mildly convoluted series of button presses: Control Center > Clock > hold Power button > Cancel on shutdown screen > double-tap Home button to bring up multitasking view and access contacts, camera/gallery and more. It worked, despite taking a few attempts, and has been replicated by plenty more people since his discovery. Until Apple fixes it, the only way to secure this flaw is by disabling the Control Center option to ''Access on Lock Screen'' in Settings.

Link to Video.

Then just a couple of days ago, YouTuber Karam Daoud posted a video demonstrating the ability to make normal calls from the emergency-only dialer screen. Simply repeatedly trying to make a call resulted in the phone blacking out and making the call anyway. So much for additional security.

Link to Video.

Steal someone's pet

And if all fails, you could also pinch the iPhone owner's lapdog, purse pooch or fluffy kitty on the off chance that they've used their pet's paw print to lock their shiny new iPhone rather than their own fingerprint. Admittedly this is more of a joke than a serious way to hack the iPhone fingerprint scanner, but the simple fact that someone figured this out within days of it being available is enough to include it on my list. So now you need to protect your pet as well as your phone from ''Apple pickers.''

Link to Video.

So with these various tricks you can access the camera and photo gallery, contacts list, share to social media, make calls and put the blame on the owner's pet. Call me skeptical, but if I was an iPhone owner, I'd be feeling decidedly insecure right about now.

What do think about these bugs in iOS7 and the new range of iPhones?

[Update: 1200 PM Berlin time 25.09.2013]

Or use your nipple?!?

As if using a cat's paw wasn't funny enough, now some crazy Japanese guys have accessed their iPhone using TouchID with their nipple. And it works. Enough said, watch the video (it's safe to watch at work, never fear). Apparently it also works with toes. I'm worried where this is all going.

Kris Carlon comes to the AndroidPIT Editorial Team via a lengthy period spent traveling and relying on technology to keep him in touch with the outside world. He joined the Android community while resurfacing in civilization back in 2010 and has never looked back, using technology to replace his actual presence in other people's lives ever since. He can usually be found juggling three phones at once and poring over G+ posts, Reddit and RSS feeds.

3 comments

Write new comment:
  • Kris Carlon
    • Admin
    • Staff
    Sep 30, 2013 Link to comment

    Well Apple did fix the various iOS7 problems (apparently) just a week after they were discovered, which is a good move. There's probably not much they can do about nipples and toes and paws, but the TouchID thing, if it can't be bypassed easily, is a pretty good addition.

  • David D. Sep 29, 2013 Link to comment

    I think Tim Cook will be in fits now that his TouchID isn't all that safe. XD

  • Philipp Junghannß (My1) Sep 25, 2013 Link to comment

    Ok the thing to unlock it with other parts of the body is just crazy, especially since a thief (or your children) wont know which part it is so they cant unlock your phone while you sleep even with the TouchID, anyway its just rediculous...