Play-Doh That Can Bypass An iPhone Fingerprint Security

By Samir Ghanmi | Feb 26, 2016 10:57 AM EST

TEXT SIZE    

A user can't be so sure if their iPhone is tightly secure, Vkansee a Chinese mobile security company displayed a way to bypass security of an Apple iPhone using imprint sensory of a thump called Play-Doh.

This week, Jason Chaikin's president of the company, imprinted a mold of his thumb into a clay, he then took the Play-Doh clay and inserted it into the printed clay to create a replica. Just by touching the Play-Doh on the iPhone scanner, the phone was unlocked.

In this case, criminals aren't suspected to create molds of people's fingerprints, but Chaikin highlighted the issue the absence in today's sophistication in biometric solution, which includes not only smartphones but other devices as well.

Apple responded saying, "Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger," also adding "Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you can't proceed until doing so."

The product solution collects third level details from a finger of a person, such as the thickness, ridges and pores of the skin. Play-Doh can also detect wet fingers, but still can be a current issue for sensors.

Chaikin points out that the problem with biometrics is that it's too simplified, one primary example he gave out was the hacking of German Defense Minister back in 2014, where a hacker managed to capture a high resolution photograph of Ursula von der Leyen's finger, and engineered it to his advantage to unlock her phone.

Biometric manufacturers are looking into other methods of solution to produce a user's authenticity to use their mobile devices as consumers whether it be in banking and shopping. MasterCard already announced a service called "Selfie Pay" as a feature to authenticate a user's identity.

pre post  |  next post
More Sections