Apple’s (NASDAQ:AAPL) new iPhone 5s, which is scheduled to be released to the public on Friday, has come into hackers' crosshairs after an online contest was launched promising a reward to the first person to crack the new handset’s fingerprint scanner, which is one of the latest features to be added to the flagship smartphone.
Nick Depetrillo, an independent security researcher, launched a website called IsTouchIDHackedYet.com on Wednesday, in which he attempted to crowdfund a reward, which will be offered to the first person to hack the Touch ID fingerprint scanner on the iPhone 5s. To win the bounty, a hacker is required to demonstrate in a video that he or she can lift a fingerprint from a surface, reproduce the print, and use it to unlock the iPhone 5s.
“All I ask is a video of the process from print, lift, reproduction and successful unlock with reproduced print. I'll put money on this,” Depetrillo tweeted.
The security researcher said, in an earlier tweet, that he will pay $100 to the first person who can successfully lift a fingerprint off the iPhone 5s’ screen and reproduce it to unlock the same phone in less than five attempts. And by the time of writing this article, the total bounty had risen to about $2,500, of which approximately $500 is in Bitcoin currency. And, anyone interested in upping the stakes will have to tweet the amount offered with the hashtag #istouchidhackedyet.
According to Depetrillo, the goal of the crowdfunded bounty program is not to see the Touch ID hacked, but to prove how difficult it could be to crack the biometric scanner.
“Basically people criticized the TouchId sensor as being insecure, thinking it was a typical fingerprint sensor from five years ago,” Forbes quoted Depetrillo as saying. “In reality it’s a lot harder, and I was part of a vocal minority of security researchers who argued Apple did a good job.”
An Apple spokesperson told Wall Street Journal last week that the fingerprint scanner on the iPhone 5s does not store actual images of users’ fingerprints on the device. Instead, the Touch ID system stores only “fingerprint data” that remains encrypted within the device’s processor to be used later by the phone to unlock itself, or for other purposes such as making purchases on iTunes, iBooks or App stores.
According to the Journal, not storing actual images of fingerprints means that intruders will not be able to reproduce someone’s fingerprints even if the iPhone 5s’ encrypted chip is hacked.
“I honestly don’t know if someone will claim it... If they do I’ll be pleasantly surprised,” said Depetrillo, who has described the Touch ID technology as Apple’s thoughtful implementation of its fingerprint reader.