Hackers Beat iPhone X’s Face ID Security In Just One Week
Hackers claim to have beaten Apple’s facial recognition security technology just one week after the iPhone X went on sale.
Apple has previously claimed their FaceID system on the new iPhone X cannot be fooled by photos, impersonators and masks but cyber security firm Bkav said a 3D-printed mask which costs $150 (£115) to make has already fooled the new software.
FaceID is used to unlock the new iPhone X, as well as allowing users to authorise payments and log in to apps. Apple has been using fingerprint sensor embedded in the home button for several years, but completely removed the home button on the newest iPhone model.
Watch the video here:
The researchers said their findings proved that Face ID is ‘not an effective security measure’, although making the mask did require a detailed facial scan, and would be difficult for normal users to replicate.
When the iPhone X was unveiled in September, Apple claimed there was a ‘one in a million chance of another person being able to unlock the phone’ and said they’d ‘stress-tested the technology using silicone masks made by Hollywood studios’, writes the Telegraph.
Bkav constructed the mask using a combination of 3D printing, a silicone nose and printed images of the eyes.
In a video released by the company you can see Face ID supposedly being fooled when a cloth covering the mask is taken away.
The Telegraph states because the video ‘does not show Face ID being set up’, it cannot be confirmed Bkav’s technique actually works.
When asked who’d be targeted by the hack, they said:
Potential targets shall not be regular users, but billionaires, leaders of major corporations, nation leaders and agents like FBI need to understand the Face ID’s issue. Security units’ competitors, commercial rivals of corporations, and even nations might benefit from our PoC.
FaceID caused some embarrassment for Apple back when it was being unveiled ahead of its release.
Things obviously didn’t go according to plan when Craig Federighi, Apple senior vice president, attempted to demo the feature in front of the audience in the room and no doubt the millions of people watching at home.
Federighi was extolling the virtues of Face ID, telling the audience how easy it would be to operate and how secure the phone would be as a result.
And then he was left completely embarrassed when he tried to lift the phone to his face, only to be told to enter the code for the phone because it had failed. A classic.
Before the fiasco, Federighi said:
With iPhone X, your iPhone is locked until you look at it, and it recognises you. Nothing has ever been more simple, natural and effortless.
We call this Face ID. Face ID is the future of how we unlock our smartphones and protect our sensitive information.
Apple said their Face ID technology is unsuitable for children under the age of 13 or for twins, suggesting these users set up a passcode instead.
The company did not respond to a request by The Telegraph for comment on Bkav’s findings.