iPhone 5S Two-Factor Authentication Fail

The past few days we’ve seen a lot of pomp and circumstance trying to awe us about the quality of the sub-dermal sensor in the new iPhone 5S. But in the end it was just capable of higher resolutions that fell to the same technique documented in 2007 by Starbug of the Chaos Computer Club.

The single-factor Touch ID implementation definitely raises the bar to prevent casual bypasses but a determined attacker can easily grab a fingerprint and fool the system as demonstrated today. Perhaps a less accessible biometric is needed – toeprints perhaps ;). Regardless, fingerprint authentication is still a vast improvement for the more than 50% of people that don’t use any PINs or passcodes.

And as we discussed in our previous post this Touch ID bypass is just another example of why Apple should have at least provided an option for two-factor authentication in iOS 7.0. Better yet … make it the default, requiring fingerprint identification as well as a simple PIN. I look forward to 7.1.

Here’s the video for those that missed it.


Today’s post pic is from TheVerge.com. See ya!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.