Hacking TouchID Could Bring a Bounty of Almost $20,000
A campaign spreading through Twitter is funding a bounty for the first person to successfully break the TouchID fingerprint sensor on Apple's new iPhone 5S.A crowdsourced effort to spur interest in breaking Apple's latest security enhancement to the iPhone—the TouchID fingerprint sensor—has resulted in an ad hoc bounty program that reached nearly $20,000 in less than two days. A series of bantering tweets between security researchers on Sept. 18 evolved into a site, IsTouchIDHackedYet.com, that tracks the individual bounties pledged by people on Twitter. So far, 92 people have contributed to the fund, offering anything from $100 to bitcoins to alcohol to even a patent application on the resulting technique. As of noon Eastern Time on Sept. 20, the total of the cash and prizes stood near $20,000. The trio who kicked off the effort—Nick Depetrillo, Robert Graham and a researcher who uses the monicker "The Grugq"—started by offering $100 each as a way to quiet critics who argued that hacking the TouchID fingerprint sensor technology would be trivial, requiring no more effort than Nicolas Cage lifting a fingerprint off a champaign glass in the movie "National Treasure." "I will pay the first person who successfully lifts a print off the iPhone 5S screen, reproduces it and unlocks the phone in < 5 tries $100," Depetrillo, a security researcher, tweeted Sept. 18. "All I ask is a video of the process from print, lift, reproduction and successful unlock with reproduced print. I'll put money on this."
Announced earlier this month at the unveiling of the iPhone 5S, Apple's TouchID fingerprint sensor uses technology from AuthenTec, which Apple acquired last year. The technology does not digitize the fingerprint's optical image but, rather, scans the subdermal layer for the unique details of the fingerprint, the company said in its presentation.