Apple's Face ID defeated, claims team

A Vietnamese security company claims to have defeated Apple’s Face ID face recognition authentication system in just five days using a 3D-printed mask that cost less than $200.

Bkav Corporation has uploaded a video demonstrating the process of unlocking an iPhone X using the manufactured mask.

Bkav, which claims it was the first team to demonstrate that face recognition is not an effective security measure for laptops, provides security software, smart home systems and its own smartphone.

The company used a popular 3D printer, a silicon nose handmade by an artist and redesigned by the team, a 2D printer and handmade skin to create a mask capable of fooling the authentication system, according to an FAQ on its website. The mask had a total approximate cost of US$150 ($197).

While the technical skills required to create such a mask may preclude the exploit from being used on normal users, Bkav said the most likely targets would include billionaires, high-ranking officials and other high-profile victims.

According to Bkav, the team started working on the mask right after receiving the iPhone X on 5 November. The video was uploaded on 9 November.

In the lead-up to the iPhone X launch, Apple had insisted that Face ID can distinguish a real human’s face from a mask using AI, with a neural network trained to tell the difference by analysing creations from professional mask makers and Hollywood make-up artists.

But Bkav said the company was able to defeat the technology because its employees understand how this AI works and how to bypass it.

The company added that the proof of concept demonstrates that after 10 years of development, face recognition is still not mature enough to be an effective security measure for computers and smartphones, and that it indicates that Apple may have been too quick to replace Touch ID with Face ID.

Image courtesy Bkav.

Follow us and share on Twitter and Facebook