The 'Chaos Computer Club', described as Europe's "largest association of hackers," says it has managed to bypass TouchID, the security behind the fingerprint scanner, using a surprisingly simple method.
In this case, the hackers simply took a photograph of a user's fingerprint that was left on a glass surface, created a latex recreation of said fingerprint, and held it against said user's iPhone 5s to authenticate their way into the device.
"First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet," reads the Chaos Computer Club's post.
"After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market."
"We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token", said Frank Rieger, spokesperson of the CCC, in a statement.
"The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access."
He said fingerprint biometrics in passports had been introduced in many countries despite the fact that by this global roll-out "no security gain can be shown."
The Chaos Computer Club has also posted video 'proof' of the hack, showing an (extremely nervous) man completing the authentication process.
Check it out below.