IPhone X's Face ID gets conned by mask

An Apple iPad is used in Las Vegas

A team of Vietnamese researchers argues that the new technology is easy to fool if you wear a composite 3D-printed mask.

When it launched the iPhone X, Apple said that the company has worked with professional mask makers and Hollywood makeup artists. You can see it here.

When the iPhone X was unveiled in September, Apple marketing executive Philip Schiller said that Face ID's creators had developed a "neural engine" to process facial recognition that wouldn't "easily be spoofed by things like photographs", he said.

Positioned under a sheet less than a metre away from the iPhone X, the mask successfully unlocked the phone as soon the material was removed. Facial recognition has shown its pitfalls in the past, with hackers tricking security by putting a photo over the camera.

Other than that, the eyes were represented with printed 2D images, with a little extra special processing done on the cheeks and other areas of the face where there are large areas of skin. So, the device is going to "change and evolve" further in the coming months. "On the inverse, if security is your priority, until more is tested against Face ID, I'd suggest using only a passcode, all the time". The firm said it only meant to show a "proof of concept" that Face ID can be skirted and that such techniques would not target regular users but more likely "billionaires (and) leaders of major corporations".

But there's a few issues with the methods behind the video, none of which BKAV's blog post quite answered. Whether it's an infamous 3D printed copy of a TSA master key or a 3D printed turtle created to mess with Google's AI vision, additive manufacturing is helping members of the public spot the flaws in major security systems-before it's too late!

Apple did not immediately respond to a request for comment.

One week has passed, since Apple launched iPhone X, while the race between hackers to dodge its Face ID has finally come to an end.

The mask facing the stand where the iPhone X was placed.

In fact, it also said that the fingerprint sensor which uses biometric security system is the better security measure as of now.

Until then, there's no reason to stop using Face ID, unless you simply find it annoying to use. Face ID is said to have an error rate of just one in one million.

So sure - Face ID can be beaten, given the right set of circumstances, skills, and time. The company never specified how many attempts it made.

The nose of the mask was made with silicone. "If convenience is more important, Face ID may be your choice". The company also claims that the FaceID is foolproof and can't be hacked using a two-dimensional picture of the user to unlock the phone. The team took less than a week to apparently crack Cupertino's vaunted new security mechanism, demonstrating that miscreants can potentially unlock a phone with a mask of the owner's face.

In this hack, a detailed scan was required of the individuals face in order to 3D print the mask. The cybersecurity firm did stress that "billionaires, leaders of major corporations, nation leaders and agents like FBI" need to be aware of the problem. "This seems like an unlikely sequence of events", Norris said. Bkav had to spend around $150 while creating the mask.

The researchers had an artist make the silicone nose for the mask by hand.

These requirements to create the mask reach such a high standard that it seems like it would be nearly impossible to replicate this scenario in an actual attack.

Related News: