Sunday, 29 September 2013

Exclusive : New Touch ID hack allows hacker to unlock an iPhone by multiple fingerprints

The Iranian group defeated the very basic phenomenon of an iPhone Fingerprinting scanner, which allows them to unlock an iPhone device with multiple Fingerprints.

Apple‘s iPhone 5s, was launched just available in stores two weeks before with a new feature of biometrics-based security system called "Touch ID", that involves analyzing a user’s fingerprint and using that to unlock the phone.

Apple launched the technology that it promises will better protect devices from criminals and snoopers seeking access. With this you can purchase things from the iTunes App Store. Basically, you can now use it in place of your password.

"Fingerprint is one of the best passcodes in the world. It's always with you, and no two are exactly alike," according to the Apple's website.

Last week Germany Hackers showed that how they were able to deceive Apple’s latest security feature into believing they’re someone they’re not, using a well-honed technique for creating a latex copy of someone's fingerprint.
Another interesting fact is that, Touch ID is not only designed to scan the fingerprints of your fingers, it works with various human body parts and appendages which are also not fingers.



An Iranian group of iPhone Geeks from Tehran running a blog i.e. "i-Phone.ir" contacted 'The Hacker News' with another awesome Touch ID hack, shown that how they defeated the very basic phenomenon of Fingerprinting scanner i.e. "No two Fingerprints are exactly alike". (Greets to Bashir Khoshnevis , Mohsen Lotfi , Shayan Khabazian and other members of i-Phone.ir support team)

In a video demonstration, provided to The Hacker News, the Group set up a mixed Fingerprint scan of 5-6 people for an iPhone 5S handset (as shown in the video), which allowed all of them to unlock the locked device with their individual fingerprint.

According to Apple, the chance that Touch ID will misread a finger is 1 in 50,000 , this is because Touch ID is not designed to capture the fingerprint in strict mode. It scans the fingerprint on a very high-resolution (2400 dpi), possibly to get and match the partial parts of an impression for faster unlocking.

That means, if one will setup the unlock settings of an iPhone with a merged thumbscan of multiple users, a partial scan of an individual user will be enough to unlock that device.

I am sure that if the iPhone is not able to scan the thumb impression in the strict mode to be unique, there is a possibility that out of 1000 thumb impressions iPhone's Touch ID system can count 2-3 impressions as of the same person. So, an iPhone can be possibly unlocked by another/multiple user too, whose fingerprint patten resembles 20-30% with  the handset owner's thumbscan.



Conclusion, Fingerprints taken by iPhone's Touch ID are no more unique for a user. Touch ID is intended to reduce the number of times a person must enter a passcode, but you should use Passcode to make sure no one else has access to your iPhone.

Earlier this morning, a new report came from a Chinese weblog, DoNews stating that Apple will introduce the new Touch ID in iPad mini 2.

1 comment:

  1. apple is definitely NSA supporter . that's why they introduced fingerprint shit

    ReplyDelete