There was much debate around how secure the fingerprint sensor branded as Touch ID in the iPhone 5s is. But soon we are going to find out. With Apple’s iPhone 5s hitting the shelves as early as 8:00 a.m. tomorrow, independent security researcher Nick Depetrillo has launched a race among hackers to crack the fingerprint reader.
Depetrillo has launched a website, IsTouchIDHackedYet.com, to crowdfund a reward for the first hacker that posts a video showing that he or she is able to reproduce the print and use it to unlock the owner of that fingerprint’s iPhone 5s.
The researcher announced the race on Twitter by offering $100, and took off very quickly. As of writing this article, the reward is close to $3000, and this does not include the cryptocurrency Bitcoin and extras such as a bottle of tequila, “dirty sex book”, and others.
The initiative aims to show how difficult spoofing Touch ID can be. How secure Touch ID is remains clear, as Apple said the reader can sense beyond the top layer of a user’s skin and check the “aliveness”, which is to avoid the use of a severed finger to access a stolen iPhone.
“Basically people criticized the TouchId sensor as being insecure, thinking it was a typical fingerprint sensor from five years ago,” he writo to Andy Greenberg. “In reality it’s a lot harder, and I was part of a vocal minority of security researchers who argued Apple did a good job.”
We don’t know if the reward will be a real incentive for hackers to post a video, but as Andy Greenberg of Forbes points out, a single zero-day exploit can sell for as much as $250,000.
Are you interested in backing this race? Check out IsTouchIDHackedYet.com.