Technology

This $150 mask beat Face ID on the iPhone X


Vietnamese cybersecurity firm Bkav claims it’s been able to bypass the iPhone X’s Face ID feature using a mask. The mask is made to trick Apple’s depth mapping and the result is a kind of creepy hybrid monster head with realistic cutouts for the eyes, nose and mouth.

Bkav says the mask is crafted through a combination of 3D printing, makeup, and 2D images. There’s also some “special processing done on the cheeks and around the face” where there are large areas of skin, and the nose is created from silicone. The demo video shows the iPhone being unlocked using the researcher’s face and then again using the mask, in just one go.

 

The cost of making the mask is relatively inexpensive at $150, says Bkav, which began working on the mask right after recieving their iPhone X on November 5th. That means it was able to create a bypass for Face ID in less than a week. The firm does stress that the product is just a proof of concept at the moment and more research is needed. “Country leaders, leaders of major corporations… are the ones that need to know about the issue, because their devices are worth illegal unlock attempts. Exploitation is difficult for normal users, but simple for professional ones,” Bkav said on an FAQ on its website.

Apple published a technical white paper on Face ID a few weeks ago that described the techniques used in facial matching. It states that the iPhone X uses a neural network that’s trained to spot and resist spoofing, and “defends against attempts to unlock your phone with photos or masks.” The Wall Street Journal’s Joanna Stern made a silicone mask that failed to trick Face ID during her review of the iPhone X.

 

The masks Apple used to train its neural network.
 Image: Apple

When introducing the iPhone X in September, executive Phil Schiller said Apple’s engineers had worked with professional mask makers and makeup artists in Hollywood to protect against attempts to beat Face ID. “These are actual masks used by the engineering team to train the neutral network to protect against them in Face ID,” said Schiller. He didn’t say if any of its masks could defeat the system, however. Schiller did concede that no biometric system is perfect, noting that the probability of a random person unlocking an iPhone X with Face ID is approximately 1 in 1,000,000, compared to 1 in 50,000 for Touch ID.

#TechDomes2017

Advertisements

Categories: Technology

Tagged as: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.