$15,000, whisky and a sex book: Hackers crowdsource reward to crack Apple's fingerprint sensor on the iPhone 5s

Touch ID comes as standard on Apple's new iPhone 5s but hackers are already trying to find ways to bypass the technology

Hackers have launched a competition to successfully crack the security surrounding Touch ID: the fingerprint scanner built into Apple’s newly launched iPhone 5s.

A reward for the first successfully verified hack has been crowdsourced on the site istouchidhackedyet.com.

The pot currently totals more than $15,000 with several bottles of whisky and a “dirty sex book” thrown in.

Individuals involved say that there is no malevolent intent in the competition. Arturas Rosenbacher, founding partner of I/O Capital - a venture capital firm that donated $10,000 to the competition - said that the site would help the hacking community find bugs that Apple might have missed.

“This is to fix a problem before it becomes a problem," Rosenbacher told Reuters. "This will make things safer."

There are no known security flaws specific to Apple’s fingerprint scanner but previous implementations of the technology have been fooled with distinctly lo-tech methods.

One approach known as the ‘Gummy Bear attack’ was pioneered by Japanese cryptographer Tsutomu Matsumoto. It involves photographing fingertips at high-resolution with a digital camera and then transferring this impression onto a fake finger made from gelatine (the gelling agent found in Gummy Bears and other sweets). Using this technique Matsumoto fooled fingerprint scanners 80 per cent of the time.

The fingerprint sensor in Apple’s iPhone 5s initially provoked scepticism over its utility, but reviewers have since praised the company for the seamless integration of the technology. Mainly used to unlock the phone, the sensor is housed in the home button and stores the user’s fingerprint on a “secure enclave” in the 5s.

Reviewing the device for The Independent, David Phelan said: “Once you've got used to not typing in your passcode, keeping your phone secure isn't a chore. I was sceptical of this gimmick but it quickly won me over.”

The 5s has certainly proved popular with customers with demand for the new device (which also includes a 64-bit processor and an upgraded camera) far outstripping supply. Within an hour of the handset being put on sale on Apple's website the shipping time was delayed, first by "7 to 10 business days" and then until October.

Others are less enthusiastic. Robert Hansen of security firm WhiteHat Security told The Independent: “Hackers widely dislike fingerprint technology. The security world has been trying to tell companies for years that biometrics like fingerprints are the passwords that can never change and that you leave every place you touch.”

“Hackers dislike the privacy implications of the potential for companies to harvest fingerprint data - especially in light of the privacy issues being released in Snowden's NSA leaks, people are becoming less trusting of companies storing sensitive and irrevocable information like fingerprints.”

Experiments with Touch ID have also found that it's not just human fingerprints that the technology responds to. Darrell Etherington of TechCrunch managed to set up his iPhone 5s so that is unlocks in response to the heel of his palm, the skin on his arm, and even his cat's paw.

"Note that no other paw pads would unlock the device, and that cats essentially have unique “fingerprints” just like people, so this doesn’t make the Touch ID sensor any less secure," wrote Etherington. See below for a video of his findings in action.

 

(Click here to see our guide to iOS 7 - the latest update to Apple's mobile operating system, and not just limited to the 5s and 5c)

Life and Style
ebookNow available in paperback
ebooks
ebookPart of The Independent’s new eBook series The Great Composers
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Ashdown Group: Front-End UI Application Developer

    £30000 - £40000 per annum + Benefits: Ashdown Group: Front-End UI Application ...

    Recruitment Genius: Digital Account Executive

    £18000 - £26000 per annum: Recruitment Genius: They work with major vehicle ma...

    Ashdown Group: C# Developer

    £30000 - £36000 per annum + Benefits: Ashdown Group: C# Developer A highly s...

    Ashdown Group: Senior Test Engineer

    £45000 - £50000 per annum + benefits: Ashdown Group: A market leading software...

    Day In a Page

    Where the spooks get their coffee fix: The busiest Starbucks in the US is also the most secretive

    The secret CIA Starbucks

    The coffee shop is deep inside the agency's forested Virginia compound
    Revealed: How the Establishment closed ranks over fallout from Loch Ness Monster 'sighting'

    How the Establishment closed ranks over fallout from Nessie 'sighting'

    The Natural History Museum's chief scientist was dismissed for declaring he had found the monster
    One million Britons using food banks, according to Trussell Trust

    One million Britons using food banks

    Huge surge in number of families dependent on emergency food aid
    Excavation at Italian cafe to fix rising damp unearths 2,500 years of history in 3,000 amazing objects

    2,500 years of history in 3,000 amazing objects

    Excavation at Italian cafe to fix rising damp unearths trove
    The Hubble Space Telescope's amazing journey, 25 years on

    The Hubble Space Telescope's amazing journey 25 years on

    The space telescope was seen as a costly flop on its first release
    Did Conservative peer Lord Ashcroft quit the House of Lords to become a non-dom?

    Did Lord Ashcroft quit the House of Lords to become a non-dom?

    A document seen by The Independent shows that a week after he resigned from the Lords he sold 350,000 shares in an American company - netting him $11.2m
    Apple's ethnic emojis are being used to make racist comments on social media

    Ethnic emojis used in racist comments

    They were intended to promote harmony, but have achieved the opposite
    Sir Kenneth Branagh interview: 'My bones are in the theatre'

    Sir Kenneth Branagh: 'My bones are in the theatre'

    The actor-turned-director’s new company will stage five plays from October – including works by Shakespeare and John Osborne
    The sloth is now the face (and furry body) of three big advertising campaigns

    The sloth is the face of three ad campaigns

    Priya Elan discovers why slow and sleepy wins the race for brands in need of a new image
    How to run a restaurant: As two newbies discovered, there's more to it than good food

    How to run a restaurant

    As two newbies discovered, there's more to it than good food
    Record Store Day: Remembering an era when buying and selling discs were labours of love

    Record Store Day: The vinyl countdown

    For Lois Pryce, working in a record shop was a dream job - until the bean counters ruined it
    Usher, Mary J Blige and Will.i.am to give free concert as part of the Global Poverty Project

    Mary J Blige and Will.i.am to give free concert

    The concert in Washington is part of the Global Citizen project, which aims to encourage young people to donate to charity
    10 best tote bags

    Accessorise with a stylish shopper this spring: 10 best tote bags

    We find carriers with room for all your essentials (and a bit more)
    Paul Scholes column: I hear Manchester City are closing on Pep Guardiola for next summer – but I'd also love to see Jürgen Klopp managing in England

    Paul Scholes column

    I hear Manchester City are closing on Pep Guardiola for next summer – but I'd also love to see Jürgen Klopp managing in England
    Jessica Ennis-Hill: 'I just want to give it my best shot'

    Jessica Ennis-Hill: 'I just want to give it my best shot'

    The heptathlete has gone from the toast of the nation to being a sleep-deprived mum - but she’s ready to compete again. She just doesn't know how well she'll do...