Apple's Face ID with attention detection fooled by $200 mask
After supposedly tricking Apple's Face ID security system earlier this month with a $150 mask, Vietnamese security firm Bkav on Monday said it has repeated the process with a second 3D-printed mask that can also bypass iPhone X's attention detection safeguard.
In its first video, Bkav demonstrated a proof of concept Face ID attack involving a 3D-printed frame covered in makeup, a silicone nose, 2D images and a large "specially processed" area.
At the time, skeptics called Bkav's methodology into question. Notably, the security firm failed to record the Face ID enrollment process, meaning Bkav could have enrolled the mask as the device's primary user. Alternatively, Face ID might have adjusted to authenticate the original mask over the course of multiple unlock attempts as the system "learns" from consecutive successful unlocks, a feature designed cope with natural changes to a user's face.
Bkav's latest video, however, runs through the entire enrollment process without cuts, suggesting the new mask -- 3D printed from stone powder with eyes represented by 2D infrared images -- did indeed circumvent Face ID's protections.
Seen in the short clip, a human user erases the enrolled Face ID profile in system settings and sets up a new account in real time. The user unlocks the handset using his own face, locks it and carefully positions it in front of the mask dubbed the "artificial twin." Bkav's double successfully unlocks iPhone X not once, but twice.
Perhaps more impressive is that Bkav was able to bypass Face ID's attention detection feature, an optional safeguard that monitors a user's eyes to verify that they are looking at their phone before unlocking it.
In a blog post detailing the procedure, Bkav said the new mask cost about $200 to produce using materials and tools readily available to casual users.
"About 2 weeks ago, we recommended that only very important people such as national leaders, large corporation leaders, billionaires, etc. should be cautious when using Face ID," said Ngo Tuan Anh, VP of cyber security at Bkav. "However, with this research result, we have to raise the severity level to every casual users: Face ID is not secure enough to be used in business transactions."
According to the firm, fingerprint-based biometric security systems are superior to facial recognition solutions like Face ID. Fingerprints, the firm says, cannot be collected at a distance, while photographs can. That said, it is unclear what data Bkav used to create its second mask. Traditionally, 3D printed objects are rendered from highly accurate CAD files or three-dimensional scans run through specialized software.
Whether Bkav was able to extrapolate dimensioning data from 2D photographs is unknown.
Bkav's video is the latest in a string of attempts to defeat Face ID. Earlier this month a video showing a 10-year-old unlocking his mother's iPhone X surfaced, offering evidence that Face ID is sometimes unable to distinguish between family members who strongly resemble each other. Other unscientific tests involved twins, some of whom were able to unlock a sibling's device.
In its first video, Bkav demonstrated a proof of concept Face ID attack involving a 3D-printed frame covered in makeup, a silicone nose, 2D images and a large "specially processed" area.
At the time, skeptics called Bkav's methodology into question. Notably, the security firm failed to record the Face ID enrollment process, meaning Bkav could have enrolled the mask as the device's primary user. Alternatively, Face ID might have adjusted to authenticate the original mask over the course of multiple unlock attempts as the system "learns" from consecutive successful unlocks, a feature designed cope with natural changes to a user's face.
Bkav's latest video, however, runs through the entire enrollment process without cuts, suggesting the new mask -- 3D printed from stone powder with eyes represented by 2D infrared images -- did indeed circumvent Face ID's protections.
Seen in the short clip, a human user erases the enrolled Face ID profile in system settings and sets up a new account in real time. The user unlocks the handset using his own face, locks it and carefully positions it in front of the mask dubbed the "artificial twin." Bkav's double successfully unlocks iPhone X not once, but twice.
Perhaps more impressive is that Bkav was able to bypass Face ID's attention detection feature, an optional safeguard that monitors a user's eyes to verify that they are looking at their phone before unlocking it.
In a blog post detailing the procedure, Bkav said the new mask cost about $200 to produce using materials and tools readily available to casual users.
"About 2 weeks ago, we recommended that only very important people such as national leaders, large corporation leaders, billionaires, etc. should be cautious when using Face ID," said Ngo Tuan Anh, VP of cyber security at Bkav. "However, with this research result, we have to raise the severity level to every casual users: Face ID is not secure enough to be used in business transactions."
According to the firm, fingerprint-based biometric security systems are superior to facial recognition solutions like Face ID. Fingerprints, the firm says, cannot be collected at a distance, while photographs can. That said, it is unclear what data Bkav used to create its second mask. Traditionally, 3D printed objects are rendered from highly accurate CAD files or three-dimensional scans run through specialized software.
Whether Bkav was able to extrapolate dimensioning data from 2D photographs is unknown.
Bkav's video is the latest in a string of attempts to defeat Face ID. Earlier this month a video showing a 10-year-old unlocking his mother's iPhone X surfaced, offering evidence that Face ID is sometimes unable to distinguish between family members who strongly resemble each other. Other unscientific tests involved twins, some of whom were able to unlock a sibling's device.
Comments
So, to unlock an iPhone X using this hack, you need to do one of two things: 1) Steal a phone and then capture a bunch of photos of the owner without his/her knowledge, print a mask using stone dust and some kind of infrared printer, all within 48 hours (or less) to get under the phone's biometric time limit, or 2) do all of that stuff BEFORE you steal the phone so the mask will be ready when you have the phone in your custody.
Oh yeah. You iPhone X owners should be petrified with concern.
I wish people would use standard test practices instead of having both the test mask and the real face in the room in the same general area at the same time. If I was running this test, I'd encode my face in another room, test to make sure it unlocks, then restart the phone, enter my pin, lock the phone then unlock with my face again to make sure the normal, entire process works.
Once this is done I'd lock the phone and give the phone to a different person who takes it into a separate room and tries unlocking it with the mask.
I would think Apple's algorithms would notice a 2D print of the eyes and the lack of realistic 3D around the eyes. A person can not make the exact "face" twice in a row so the software should sense the lack of change in facial muscles from one attempt to the next. Until someone actually runs a proper test, I will still believe in Apple's FaceID product.
A bland declaration of “easy” doesn’t cut it.
Bkav: “Yes, it’s really quite simple. Just register FaceID, then immediately hand over your iPhone to us, before you use the iPhone to refine the FaceID data set, and also stand still while we take some detailed photos of your face under controlled lighting conditions. Then go home and come back tomorrow and we’ll show you the trick. Oh, and in the meantime please don’t use Find My Phone to lock us out, okay?”
And... GO!
I want someone, anyone who hacks FaceID or TouchID to show us an unedited video of the entire process. For all we know they tried dozens of times and then only published a video when it worked.
In fact, I'd bet $$$ this is EXACTLY what's happening here.
I'll get Barney, you go get Rollin, and we'll go meet Jim out the back of the EEPR embassy.
I'm still not completely convinced, although they have addressed one or two questions about the previous test. Don't think it's going to work as a real world test.
I would think FaceID would not work if it doesn't sense movement in the eyes, which would not happen in the test given in this article. Try staring without changing the location of your eye and you'll find it's almost impossible. Apple needs to add this requirement, if it's not already there. The eyes need to shift, refocus, or change somehow to recognize it as a live person.
https://arstechnica.com/information-technology/2013/09/defeating-apples-touch-id-its-easier-than-you-may-think/