The Chaos Computer Club in Germany says they "successfully bypassed the biometric security of Apple's Touch ID using easy everyday means."
"A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID. This demonstrates -- again -- that fingerprint biometrics is unsuitable as access control method and should be avoided."
The fingerprint sensor in the iPhone 5s is higher resolution than previous print sensors, but the hackers at CCC say all they had to do was take a higher resolution picture. They even posted a video showing how they did it.
Apple maintains its fingerprint lock technology "provides a very high level of security," and the iPhone maker's website says there is a one in 50,000 chance of two fingerprints being alike.
"Claiming this system offers a high level of security is just ridiculous," said Karsten Nohl of the German hacking think tank SRLabs.
"It would have been incredible if Apple had managed to do something the rest of the biometrics industry has failed to achieve after decades of trying, so I'm not surprised it was hacked after just one day," Nohl said.
Two U.S. security specialists even started a competition, called IsTouchIDHackedYet, offering a "bounty" worth $16,000 in cash and prizes, and they are waiting on CCC to duplicate their hack by pulling an iPhone user's print from something other than their phone.
But Apple says the fingerprint lock is just for convenience, and that a passcode should be used to provide additional security.