Using the same technique to hack the TouchID fingerprint security of the iPhone 5S, it’s also possible to circumvent the protection in the iPhone 6, according to an American security researcher. According to researcher Marc Rogers the iPhone 6 fingerprint sensor is hardly better than that of the iPhone 5S. The technique Rogers used to trick the fingerprint scanner of both phones is trying to fool the sensor with a fake fingerprint. To create the fake fingerprint he used glue and powder to create a fingerprint on a piece of glass.
Rogers states the iPhone 6 sensor is better in the sense that it scans a wider area of a fingerprint to increase reliability and is more sensitive. Badly created bogus fingerprints that fooled the iPhone 5S sensor no longer fool the iPhone 6. To trick the latest iPhone 6 TouchID a cloned fingerprint has to be clear, correctly proportioned and sufficiently thick.
“None of these are challenging details for a researcher in the lab, but are likely to make it a little bit harder for a criminal to just “lift your fingerprint” from the phone’s glossy surface and unlock the device”, according to Rogers. But the hack probably won’t be a big blow for Apple, “The attack requires skill, patience, and a really good copy of someone’s fingerprint — any old smudge won’t work”.
“The process to turn that print into a useable copy is sufficiently complex that it’s highly unlikely to be a threat for anything other than a targeted attack by a sophisticated individual”, he added.
The security reseacher does criticize Apple for not adding additional protection to TouchID, like requiring users to enter a PIN code after several failed attempts.