iPhone’s Touch ID metal ring fits in iPad 5 part, but likely isn’t evidence for fingerprint-scanning iPads

ipadfinger2

With the announcement of the new iPads approaching later this month, rumors surrounding the new full-sized iPad have centered around a thinner, lighter design, but it’s been unclear if the new tablet will sport the Touch ID fingerprint authentication system from the iPhone 5s. I’ve heard that Apple’s most recent internal next-generation iPad prototypes have lacked Touch ID sensors, so it’s unclear if it will make the cut for this year. There are a few reasons why Touch ID wouldn’t make sense on an iPad this year:

  • Exclusivity to iPhone 5s could help with sales for Apple’s flagship phone. Notice the iPhone 5c doesn’t have it.
  • Supplies for Sapphire Crystal are obviously tight.
  • Touch ID would be better suited for an iPad capable of multiple users; is the OS even ready for that?

On the other hand, bringing Touch ID to the iPad this year would create consistency for Apple’s fall 2013 iOS Device line. Apple’s iPhone 5s internal test units did not gain Touch ID until late into testing, so there isn’t conclusive evidence right now for either direction…

Read more

Video reveals how the Touch ID hack was performed – ‘trivial’ attack that took 30 hours

The German hacker who successfully defeated Touch ID using a fingerprint lifted from the back of an iPhone has posted a video showing exactly how it was done.

While the hacker – who goes by the nickname Starbug – described the attack as “very straightforward and trivial,” he revealed in an email interview with arsTechnica that it required 30 hours of work using a scanner, high-res laserprinter and a printed circuit board etching kit.

It took me nearly 30 hours from unpacking the iPhone to a [bypass] that worked reliably. With better preparation it would have taken approximately half an hour. I spent significantly more time trying to find out information on the technical specification of the sensor than I actually spent bypassing it.

I was very disappointed, as I hoped to hack on it for a week or two. There was no challenge at all; the attack was very straightforward and trivial.

Should 5s owners worry that, now that the technique is known, it could be replicated in 30 mins? The answer is ‘it depends, but probably not’ …  Read more

“Biometrics hacking team” uses photographed fingerprint to get past Touch ID

In a rather nervous video and associated blog post, Chaos Computer Club appears to demonstrate how they can get through Touch ID by taking high-resolution photographs of a fingerprint. Ironically, they claim the hack can be completed with “materials that can be found in almost every household” then go on to say that a 2400 dpi resolution photograph of the fingerprint must be used.

The group claims that Touch ID was only a little bit more difficult to get through compared to other fingerprint sensors, since the iPhone 5s’ scanner is extremely high-resolution. They go on to state that fingerprints should not be used as a secure method of authentication since they are left on so many surfaces and can be picked up very easily.

Read more

Why Touch ID is bigger news than any of us appreciated

a7

Touch ID is far, far more important than most people have realised – the core message behind a Quora post by the CEO of a card payment service. We can expect to learn far more “in the next few months, and that’s likely to eventually include both Touch ID Macs and use of the fingerprint system for mobile payments.

In the torrent of the billions of words already written about Touch ID very, very few people have really understood just how revolutionary this really is.  Apple not only has developed one of the most accurate mass produced biometric security devices, they have also solved critical problems with how the data from this device will be encrypted, stored and secured.

Brian Roemmele, CEO of 1st American Card Service, said that Apple’s attempt to solve the problem of how to develop a truly secure access system goes all the way back to a patent application in 2008, but it was only through the A7 chip – specifically created by ARM with mobile payment security in mind – that the company finally had a gold-standard solution. And its applications will go far beyond iPhone unlock and iTunes purchases …  Read more