iPhone 5S Specs and Rumors: Hackers And Security Experts Take On The Touch ID Fingerprint Scanner

Apple unveiled the iPhone 5S at a major press event at its Cupertino California headquarters on Tuesday along with the supposedly low-cost iPhone 5C. The iPhone 5S came complete with a shiny new feature called Touch ID, which uses a new biometric fingerprint scanner built into the Home button to scan the owners finger print before unlocking or allowing for the purchase of apps. This has caused many security experts and hackers alike to question whether or not the new iPhone's iTouch function makes it the most secure device on the market, as it is labeled.

InformationWeek did a rundown of all the best ways hackers would go after the iPhone 5S. One of the first thing they thought to do to bypass the fingerprint scanner would be to lift someone's print off the touch screen and repurpose it to open the Touch ID.

"The first thing I would try would be attacks against the thumbprint reader, like try and take prints from elsewhere on the phone and figure out how to replay those to the sensor to log in to the person's phone without having them around," security researcher Dino Dai Zovi told CNN. This attack is known as a "phish finger" attack.

Another potential area of attack is by going after the biometric data secreted in the A7 processor. In theory, hackers and thieves could simply grab the stored fingerprint scan directly from the processor memory and use that to spoof the user. However, Apple has taken steps to ensure that the saved data is encrypted and stored within the processor so that it can only be accessed directly. It is impossible to move the data to another device.

Furthermore, Apple will require all iPhone 5S users to create a passcode that will need to be entered every time the phone is rebooted or has been idle for 48 hours. This is meant to prevent would-be hackers from stalling for time while they try and find a way around the biometric scanner.

It seems, despite hackers best efforts that the iPhone 5S Touch ID function is a very difficult bit of security to get around. However, two things worth noting are that nothing is completely impossible in the world of electronics and that users should be careful what information they store on their phone. The second is that the iPhone 5S is not yet available to the public, so most of Information Week's security experts were working off of spec information.

Real Time Analytics