Biometric security measures like TouchID must be pretty secure right? I mean you need your finger to open it up, and it’s not like someone can copy it can they? Well you’d be wrong about that last part. Your fingerprint can be copied, and it can be done from public photos.
According to hacker group the Chaos Computer Club, all you need is a few good photographs of someone’s fingers, some off-the-shelf authentication software, and a bit of luck. CCC member Jan Krissler demonstrated how it was done at the organisation’s 31st annual convention in Hamburg, using public photos to copy the thumbprint of German Defence Minister Ursula von der Leyen.
We all knew it was possible to mimic fingerprints from the markings left on polished surfaces (it is a common trope in spy movies after all), but this is the first time we’ve seen it happen without having to get hold of physical objects first.
Before you start panicking, it is worth emphasising that this is not sure-fire way of nabbing someone’s fingerprints. You do need luck to make it happen, but more importantly you need a number of high quality pictures of a person’s hand. This might be a bit of a problem for politicians and celebrities who often wave in public, but the average person probably doesn’t need to worry too much.
But it does show that biometrics are far from foolproof, so maybe don’t rely so heavily on that TouchID button from now on.