I remember reading about one school which implemented "live finger" readers.
How did kids hack it?
Polymer clay and a gummy bear.
Put your finger on clay and wait for it to dry. You will have your permanent mirrored fingerprint.
When required fingerprint press gummy bear against clay and then against the reader. As gummy bear holds charge, can even be cut thin etc. there is little chance to detect that it is not a real skin.
You are missing the "requires a live finger" part.
The biometric system (sensor + algorithm) used by Apple, as well as other competitive biometric vendors, detect blood flow, pulse in the finger. This is done as a mitigation against fake fingers as well as the (always presented) gory "cut off the finger" attack scenario.
A gummy bear may be lifelike, but normally lacks a beating heart and circulatory system.
Most fingerprint sensors that look for a pulse can be fooled by a gummy bear that has been sliced thin enough to allow the pulse to pass through, but thick enough for the ridges to be picked up. Think about something around a millimeter thick.
I remember reading about one school which implemented "live finger" readers.
How did kids hack it?
Polymer clay and a gummy bear.
Put your finger on clay and wait for it to dry. You will have your permanent mirrored fingerprint.
When required fingerprint press gummy bear against clay and then against the reader. As gummy bear holds charge, can even be cut thin etc. there is little chance to detect that it is not a real skin.