Though it requires cooperation from the fingerprint theft victim, it’s quite easy, as a reporter from the Wall Street Journal learned. After the president of Vkansee, a company that develops fingerprint-based security systems, took an imprint of his finger using a dental mold, he used kids’ modeling clay to make a replica of his finger tip and use it to unlock an Apple (AAPL) iPhone. It took a few tries, but the fingerprint replica eventually worked.

With that said, other security experts say they can spoof a fingerprint without the finger owner’s cooperation. For example, in 2014, researchers at Germany’s Security Research Labs were able to hack a Samsung Galaxy 5’s fingerprint sensor, while the previous year, a team of German hackers bypassed the then-new iPhone 5S’s Touch ID fingerprint reader.

But as the Journal notes, some companies are developing more advanced systems to help close those loopholes. Goodix is integrating additional layers of security, such as looking at blood flow to ensure a real finger is used, while Vkansee is adding a camera to authenticate the same.

An earlier version misstated the Vkansee executive’s title. The story has been corrected to reflect that he is the company’s president, not CEO.