Apple’s Face ID security fooled by simple face mask

A Vietnamese security company called Bkav claims it has successfully bypassed Face ID authentication on Apple’s flagship iPhone X using – wait for it – a mask.

Before studying the claim and how Face ID works let’s state that, if true, this would be a big technical hiccup, and not just for Apple.

Face ID is supposed to be the hard launch for a new generation of biometric authentication technology and not simply a fancier way to unlock the iPhone X’s screen.

Anyone beating it is also potentially compromising its use as an authentication mechanism for financial transactions (currently Apple Pay) and, in time, wider online services. This matters because the world badly needs better authentication.

Bkav says its proof-of-concept beat Face ID using a rudimentary mask constructed using 3D-printed plastic, paper cut-out eyes and lips, a silicone nose and some makeup, at a total cost of $150 (£110).

In the video demo of the team unlocking an iPhone X, Face ID fails to detect that two-dimensional images have been stuck onto the 3D surface, which was a non-naturalistic mask representing barely half the real user’s face.

This is surprising, not only because Apple said it has tested Face ID against sophisticated replica masks during its launch event, but also because others have also to do the same without success.

What did Bkav do that Apple and others couldn’t?

The company said it fooled Apple’s AI neural engine, which is known to look for specific parts of the face. Somehow, its researchers were able to perfect the mask without having to test it first on a real iPhone X, which locks after five unsuccessful attempts.


Apple’s AI can only distinguish either a 100% real face or a 100% fake one. So if you create a ‘half-real half-fake’ face, it can fool Apple’s AI.

Contrast this with the iPhone X’s Face ID specification which Apple says works by “projecting and analyzing over 30,000 invisible dots to create a depth map of your face [that is] matched against the stored mathematical representation to authenticate.”

The chance of a random person unlocking an older iPhone using the company’s Touch ID fingerprint system is said to be one in 50,000; for Face ID it is supposed to be one in a million.

Inevitably, doubts have been raised about Bkav’s bypass, although the company has form after beating a variety of authentication systems in the past.

The caveat is that anyone using this technique would still have to have extensive access to the iPhone X’s owner in order to create an accurate mask in the first place. The company admits this puts exploits based on it into the realm of high-end cyber-espionage.

Or perhaps not. Reports have surfaced that a 10-year-old boy was able to unlock his mother’s iPhone X, possibly because their faces are similar. When a magazine asked her to re-enrol her face to check this wasn’t a one-off, the son was able to access the phone intermittently.

Perhaps these incidents remind us that while Face ID is very good, it’s still not perfect. It’s already known that identical twins can probably beat it – and Bloomberg claimed that Apple cut corners on Face ID to meet iPhone X deadlines.

This could explain why Apple also requires users to enter a passcode when the iPhone X is turned on or rebooted, or hasn’t been unlocked for 48 hours.

The good news is that companies who set out to break Face ID (including, ironically, Apple itself during the iPhone X’s launch event) are really helping Apple make it better in the long run. Better to do that now, when the technology is new, than discover a big weakness after a real-world compromise.