At a cybersecurity convention in Hamburg last week, the “Chaos Computer Club” demonstrated how it can mimic a fingerprint just by analyzing photographs.
Fingerprints have been recreated from smudges on windows and other smooth surfaces. In the past, forgers have used tape, a scanner, some plastic material and glue to build a gummy fingerprint that can fool scanners.
But the Chaos Computer Club says this is the first time fingerprints have been spoofed from afar. The group’s leader, known as “Starbug,” said he was able to recreate the thumbprint of the German Minister of Defense Ursula von der Leyen, from several news photos.
The hack isn’t terribly complicated, but it’s also not something most people would have the patience or ability to pull off. Starbug printed the fingerprint from the photos onto tracing paper, copied it onto a plastic board, covered it in graphite and made a dummy print by coating the plastic in wood glue.
Not easy. Still he made a dummy fingerprint from a photo. Impressive.
In one demonstration, the dummy print was able to trick Apple’s (AAPL, Tech30) TouchID (which controls Apple Pay).
“There will be no need to steal objects carrying the fingerprints anymore,” the group said in a preview of the event. “After this talk, politicians will presumably wear gloves when talking in public.”
The Club said the presentation calls into question the validity of fingerprint security systems. It would be difficult to do anything useful with the German Defense Minister’s fingerprints, but you could use the hacking method to get into your friend’s iPhone.