Play-Doh used to hack iPhone

Fingerprint
Image: Hemera Technologies (Via Credit.com)

If you’re protecting your smartphone with your fingerprint, beware strangers bearing Play-Doh.

A Chinese startup demonstrated at the Mobile World Congress this week how a mold made from the popular children’s toy could be used to unlock an iPhone,CNBC reports.

You can see a truncated version of the purported hack in a video posted to Twitter by tech reporter Arjun Kharpal: Jason Chaikin, president of mobile security firm Vkansee, holds a piece of the molding clay bearing a fingerprint up to Apple’s Touch ID fingerprint sensor and, within a few seconds gains, access to the device.

The Play-Doh print in use, it should be noted, came from the cast of a finger made in dental paste, according to other outlets covering the hack. In order words, it could be fairly labor intensive for criminals to replicate in the real world. Still, the demonstration serves as a reminder to keep an eye on your payment or personal information, no matter what security features you are using to protect your accounts or devices.

Apple did not immediately respond to Credit.com’s request for comment on the demonstration. It did point Kharpal to its security policy, which states “every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1-in-50,000 for one enrolled finger. This is much better than the 1-in-10,000 odds of guessing a typical 4-digit passcode.”

Blue_download_app_button


Protecting Your Personal Information

According to CNBC, Chaikin was demonstrating the hack to illustrate a lack of sophistication in current biometric solutions — which authenticate identities via physical or biological information, like a fingerprint, retinal scan or even heartbeat. His company, incidentally, is marketing its own fingerprint sensor, but this isn’t the first time current biometric authenticators has been called into question. Reports have surfaced of Apple’s Touch ID being hacked before and other popular smartphones have weathered similar allegations.

Regardless of these hacks, biometric authenticators are generally considered more secure than traditional alphanumeric passwords, though, on the flip side, there’s also been some debate around what hackers could do, should they get a hold of such sensitive information. That’s why consumers should, at the very least, read all the terms and conditions associated with the biometrics they use to learn, among other things, what is being scanned, where it is being stored and what security features are in place to lock down the information should your device be stolen or otherwise compromised.

And whether using password or fingerprint protection, you should regularly monitor financial accounts for credit card or debit card fraud and check your credit for signs of deeper identity theft. (You can pull your free annual credit reports at AnnualCreditReport.com and see your credit scores for free each month on Credit.com.) Signs of your identity has been stolen include a sudden drop in credit score, mysterious accounts or high balances you weren’t aware of.

More on Credit Cards:

THE STORIES OTHERS ARE CLICKING ON:

Fallon_Watch_n_Win

WFLA.com provides commenting to allow for constructive discussion on the stories we cover. In order to comment here, you acknowledge you have read and agreed to our Terms of Service. Commenters who violate these terms, including use of vulgar language or racial slurs, will be banned. Please be respectful of the opinions of others and keep the conversation on topic and civil. If you see an inappropriate comment, please flag it for our moderators to review.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s