Apple iPhone X Face ID fooled by a mask.
In the months of giddy speculation and strategically leaked news about the latest iPhone, one of the much touted features was a camera that was specifically suited for facial recognition. It presumably spoke to capabilities of facial recognition for things like unlocking the phone, signing into AppleID, and even paying with Apple Wallet, all of which were exciting yet viable applications for biometric markers.
But new findings on the security of facial recognition might make some consumers think twice about the hefty price tag of this model: researchers at Bkav Corporation have already been able to crack the phone by using a 3D printed mask of the stored owner’s face.
According to The Register, “After registering a person’s face on the phone – and the handset should only unlock when it sees this face – the team built a 3D printed mask of the test subject using an off-the-shelf 3D printer. They then put 2D printouts of the user’s eyes, upper cheekbones and lips over the mask and added a silicone nose for realism.”
But in reality…
In all, the hack not only broke through the less-advanced-than-apparently-Apple-thought AI-based security, it accomplished it with an off-the-shelf printer and a little more than a hundred bucks. But is this really enough to make anyone skip the iPhone X? Probably not, and with good reason. In order for this hack to work, someone would have to steal your iPhone and have a quality face-forward picture of you with a semi-matching expression to the one stored in the phone. The first attempts that breaking in didn’t work due to the required contours and shading of your facial features, so the photo the thief takes seconds before stealing your phone has to provide them with enough clear detail to recreate your three-dimensional face.
Why bother? Snapping pictures then grabbing a phone only to spend a good bit of change to break into it just doesn’t seem like the kind of crime that will produce any manner of payoff. However, when the goal isn’t reselling your new phone or ordering some high-end electronics with your Amazon app–but is more akin to stealing government, military, or financial industry secrets via a company smartphone–the payoff might be worth it. High-level industry personnel who are placing unspeakable trust in Apple’s security might want to do a little more research.