When Apple launched the iPhone X on November 3, it became an immediate race among hackers around the world to be the first fool the company’s new advanced form of authentication. A week later the hackers on the actual another side of the world claim to have easily reprinted someone’s face to unlock his iPhone- with what looks like a simpler technique than some security researchers believed possible.
Vietnamese security firm Bkav introduced a video showing that- by all appearances they had cracked Face ID with a composite mask of 3D printed plastic, silicone, makeup ad simple paper cutouts, which in combination tricked an iPhone X unlocking. That demonstration, which has yet to be confirmed publicly by other security researchers, could poke a hole inexpensive security researchers could poke a hole in the expensive security of the iPhone X, particularly given that the researchers say their mask cost just $150 to make.
The company said, “Apple has done this not so well. Face ID can be fooled by the mask, which means it is not an effective security measure”. The video shows that one of the company’s staff pulls a piece of cloth from a mounted mask facing an iPhone X on a stand and the phone instantly unlocks. Despite the phone’s sophisticated 3-D infrared mapping of its owner’s face ad AI-driven modeling.
The researchers added that they were able to achieve that spoofing with a relatively basic mask little more than a sculpted silicone nose some two-dimensional eyes and lips printed on paper, all mounted on a 3-D-printed plastic frame made from a digital scan of the would-be victim’s face.
No security is fool proved, but bypassing Face ID in secrecy through this method generally seems to require the high degree of technical knowledge, time and effort ad direct access to iPhone X in question. If any malicious parties would have a limited window to get into a stole phone since Apple has built in various restrictions on how often Face ID can be used alone.
Despite the potential threat of snooping on a sleeping, kidnapped, or dead person’s iPhone X, Rogers (security researcher) considers the notion that someone will make a silicone-and-plastic mask of the average person’s face far-fetched. A far more practical concern is someone simply tricking a victim into glancing at their phone.