Friday, October 10, 2014

SMART PHONE CREDIT CARD ? HACK YEAH!


Iphone6 (Picture Google Images)

Do you have a good printer? Glue? Well, you’re ready to hack into iPhone 6! At least that’s what’s been proved by Mr. Rogers from the security firm Lookout. All he used was a high resolution copy of a fingerprint through a special printer and some glue and voila! No! It’s not as easy as it sounds. You need at least a thousand dollars and a lot of hope that your plan works plus some other intricacies that are attached with this plan.

Finger Scan (Picture Google Images)
Marc Rogers had earlier proved his hacking skills as soon as iPhone 5 came out and he proved the vulnerabilities iPhone 5 and Touch ID presented. But at the same time Rogers suggested that hacking Touch ID is so complicated, that most hackers wouldn't bother. Your iPhone 6 is, for all practical purposes, safe. "Don’t panic," he told Business Insider. "I don't see a risk to consumers in any way."

The bad news is that this won't last, he cautions. With the introduction of Apple Pay, where Apple hopes to turn every smart phone into a credit card protected by Touch ID, criminals now have a huge financial incentive to come up with methods that make hacking the fingerprint sensor faster and easier. And Apple missed some big chances with the iPhone 6 to make that impossible, Rogers told Business Insider.

For both the iPhone 5 and the iPhone 6, Rogers hacked Touch ID by creating fake fingerprints. He lifted a fingerprint from a shiny surface. He printed a high-resolution copy of the fingerprint with a special printer and transferred that to something called "transparency film." He used that to develop a mold of the fingerprint with something called "photosensitive PCB board." He poured glue into the mold and voila! He had a fake fingerprint. But the process took hours and required over $1,000 worth of gear, he said.

What’s frustrating is that even after proven attempts of the security flaws in Apple’s Touch ID, no improvements have been made. The finger print sensor problem has been around for a long time now. According to Rogers Apple’s missing out on improving how the sensor and the touch screen interacts with the skin. Conductivity he says is what makes the touch screen detect the contact and this is where Apple’s lacking.

According to Rogers Apple should make sure that if somebody is trying to hack in then the sensors should be able to detect that they’re wearing fake finger prints and nip it right in the bud. He says Apple’s always been ground breaking with their innovative products and this is the same approach that they need to tackle this issue with.

In the meantime we can hope that it becomes easier for the consumers to pay through their smart phones but at the same time knowing that their IDs are well protected. We hope the manufacturers pay heed to these concerns and come up with better beefed up security for payment devices.


Reference: 

http://www.businessinsider.com/iphone-6-touchid-is-safe-for-now-2014-9#ixzz3EiWfbnkr