iPhone X’s Face ID Security Defeated Using a Mask Days After Its Release

Looks like Apple’s claims that face masks can’t beat the security of iPhone’s Face ID have been turned to dust. Bkav, a Vietnamese cybersecurity firm, claims that they have beaten iPhone’s face ID through the use of a mask.

The Mask

Bkav started working on the mask right after they received the iPhone X. It only took them one week to create the perfect mask that unlocked the phone in just one try. The mask was created using 2D images, silicon, 3D printers and make up, apart from that “special processing done on the cheeks and around the face” Bkav says.

Previous Attempts

Before Bkav, Joanna Stern of The Wall Street Journal made her attempts to beat the Face ID using silicone masks, however, she failed to get past the security of iPhone.

Read More: Apple Launches the Bezelless and Pricey iPhone X

Apple’s Claims

Apple claimed that its Face ID feature has been trained to detect masks and prevent tricks and twists to get around the security barrier.

“[The iPhone] defends against attempts to unlock your phone with photos or masks.” It was mentioned in the documentation where Apple explained how it has used masks to train the neural network of an iPhone.

“These are actual masks used by the engineering team to train the neutral network to protect against them in Face ID,” Phil Schiller, Apple’s engineer, told when the iPhone was introduced back in September. However Schiller didn’t comment on whether the masks were able to bypass the Face ID. He did mention that it is possible but the probability of it happening is very low, 1 in a million to be exact.

Bkav Warns

Bkav says that their research is just a proof that iPhone’s security is breakable however further research is needed. Bkav has warned that though normal users don’t have to worry about anything, it’s the country leaders or other important figures that need to stay alert if their phone gets stolen or lost since a $150 mask can unlock their phone.

“Country leaders, leaders of major corporations… are the ones that need to know about the issue, because their devices are worth illegal unlock attempts. Exploitation is difficult for normal users, but simple for professional ones,” Bkav told.

Via: The Verge

  • >