Related: How Fingerprint scanners work
In a scene which looks like it came from a Hollywood hi-tech thriller, the CCC lifted the fingerprint of a glass surface by taking a high-resolution (2400 dpi) photo and then printing it in a inverted form (so most of the print out is black and the fingerprint is clear) onto a transparent sheet with a thick toner setting. Then pink latex milk or white woodglue is smeared onto the transparent sheet and left to dry. The fake fingerprint can then be peeled off and after breathing on it (to make it a bit moist) it can be used to trick Apple’s TouchID and the biometric security built into the iPhone 5S.
This demonstrates – again – that fingerprint biometrics are unsuitable as an access control method and should be avoided.
This isn’t the first time that the CCC has demonstrated the fragility of biometric security. In a protest about the use of biometric data in Germany’s e-passports the group lifted and published the fingerprints of the then German Minister of the Interior Wolfgang Schäuble in its club magazine. The magazine included a thin film that could be taped over a finger to deceive fingerprint readers with Schäuble’s fingerprint – very Mission Impossible!
If you don’t believe it is possible, check out this video: