A Vietnamese security company called Bkav claims it has successfully bypassed Face ID authentication on Apple’s flagship iPhone X using – wait for it – a mask.
Before studying the claim and how Face ID works let’s state that, if true, this would be a big technical hiccup, and not just for Apple.
Face ID is supposed to be the hard launch for a new generation of biometric authentication technology and not simply a fancier way to unlock the iPhone X’s screen.
Anyone beating it is also potentially compromising its use as an authentication mechanism for financial transactions (currently Apple Pay) and, in time, wider online services. This matters because the world badly needs better authentication.
Bkav says its proof-of-concept beat Face ID using a rudimentary mask constructed using 3D-printed plastic, paper cut-out eyes and lips, a silicone nose and some makeup, at a total cost of $150 (£110).
In the video demo of the team unlocking an iPhone X, Face ID fails to detect that two-dimensional images have been stuck onto the 3D surface, which was a non-naturalistic mask representing barely half the real user’s face.
This is surprising, not only because Apple said it has tested Face ID against sophisticated replica masks during its launch event, but also because others have also to do the same without success.
What did Bkav do that Apple and others couldn’t?
The company said it fooled Apple’s AI neural engine, which is known to look for specific parts of the face. Somehow, its researchers were able to perfect the mask without having to test it first on a real iPhone X, which locks after five unsuccessful attempts.
Apple’s AI can only distinguish either a 100% real face or a 100% fake one. So if you create a ‘half-real half-fake’ face, it can fool Apple’s AI.
Contrast this with the iPhone X’s Face ID specification which Apple says works by “projecting and analyzing over 30,000 invisible dots to create a depth map of your face [that is] matched against the stored mathematical representation to authenticate.”
The chance of a random person unlocking an older iPhone using the company’s Touch ID fingerprint system is said to be one in 50,000; for Face ID it is supposed to be one in a million.
Inevitably, doubts have been raised about Bkav’s bypass, although the company has form after beating a variety of authentication systems in the past.
The caveat is that anyone using this technique would still have to have extensive access to the iPhone X’s owner in order to create an accurate mask in the first place. The company admits this puts exploits based on it into the realm of high-end cyber-espionage.
Or perhaps not. Reports have surfaced that a 10-year-old boy was able to unlock his mother’s iPhone X, possibly because their faces are similar. When a magazine asked her to re-enrol her face to check this wasn’t a one-off, the son was able to access the phone intermittently.
Perhaps these incidents remind us that while Face ID is very good, it’s still not perfect. It’s already known that identical twins can probably beat it – and Bloomberg claimed that Apple cut corners on Face ID to meet iPhone X deadlines.
This could explain why Apple also requires users to enter a passcode when the iPhone X is turned on or rebooted, or hasn’t been unlocked for 48 hours.
The good news is that companies who set out to break Face ID (including, ironically, Apple itself during the iPhone X’s launch event) are really helping Apple make it better in the long run. Better to do that now, when the technology is new, than discover a big weakness after a real-world compromise.
9 comments on “Apple’s Face ID security fooled by simple face mask”
I believe they used a passcode to train the iPhone to recognise the mask. The same with the mother/ son scenario. If an iPhone was stolen to compromise it this way the theif would need access to the passcode as well…….
Passcodes must be used in a range of circumstances. But over-using those defeats the point of Face ID surely.
They cheated. Face ID still safe.
It’s funny to some Vietnamese. They can break into my phone using my own password (face) after a week.
I suppose the resulting face mask seems simple, but its creation is far from simple. The layperson probably doesn’t need to be concerned until someone can create a face mask that can defeat Face ID in less than 5 attempts (after which iOS requires a passcode).
The Bkav researcher admits that they haven’t been able to create a face mask that can defeat Face ID in less than 5 attempts at about the 46:35 mark of their November 15, 2017 press conference on YouTube.
Is it really, though? The only thing another party has to do to get past your security is to hold your phone up to your face. That could be a police, a thug, or a bully on a playground. You’re still down to a password for the real security. The facial id thing is about convenience, not real security.
Do we really think Face ID is the future of authentication? I think it’s only a matter of time until you can cheaply 3D print a whole face perfectly. Especially in an era where everyone makes a million selfies I don’t think it’s a great idea to rely on faces for authentication, especially for anything other than a gimmick on a phone.
There was a time when I believed biometrics to be the future. Then I remembered the uni days of drinking too much and passing out and the thought of anyone being able to use my biometric without my consent to potentially access my mobile banking app put me me off.
“hold ups” at ATM’s could easily be replaced by ‘friendly bullying’ at the local bar/food court with the perpetrators holding your phone to your face/finger, with the crowds around thinking it’s just jocular fun.
To be honest. I liked the finger print unlock of my banking app for convenience. Didn’t like that that then forced the whole phone into finger print unlock for the reason mentioned above. I want to pin unlock my phone and *then* biometric unlock/authorise apps like mobile banking. Sure, there’s still room for the phone to be taken while you’re using it, but not when you’re sleeping etc.
This is why nothing is safe without 2FA (or maybe 3FA in the future). Biometrics can only supply one of the factors.