Face ID isn’t all it’s cracked up to be
“This is where the actual mask that the Apple engineering team used to train the neural network to prevent Face ID from being cracked came from.”
BKAV researchers successfully circumvent the iPhone X’s Face ID protection
BKAV, a Vietnamese security vendor
BKAV researchers also released a proof-of-concept (PoC) video to demonstrate how the new iPhone X can unlock Face ID using this special mask in one go.
BKAV’s answer to the question on their website explains: ‘Many people around the world have tried different types of masks to try and unlock Face ID, but they haven’t been able to do it because the iPhone X Face unlock is extremely demanding, but we know how facial recognition works and how to get around it.
“You can try it with your own iPhone X, and it can recognize you even when half of your Face is covered, which means that the recognition mechanism is not as rigorous as you might think. Apple seems to be relying too heavily on Face ID’s AI technology, so we only need half of your Face to make a mask, which is much easier than we thought.”
The BKAV researchers explained that they got the iPhone X on November 5, but it only took five days to complete the entire unlocking design. They also said that the demonstration was on the face of a member of their team and that they had not been trained to identify any components of the special mask using the iPhone X.
“We used a popular 3D printer, the nose was made by a hand artist, the rest of the mask was 2D printed, and some hand work was done on the mask skin to fool Apple AI.”
BKAV says the entire unlocked product (not including the 3D printer) costs around $150. It doesn’t specify other attempts by the researchers to bypass Face ID, but it should point out that creating the special mask to unlock someone’s iPhone X would be time-consuming. This approach does not form a universal means of hacking into the iPhone X.
If privacy is important, we also strongly recommend using passwords rather than fingerprints or Face ID security measures.
From FreeBuf.COM, the original address: http://www.freebuf.com/news/154043.html
Aleju safety
Aliju security (http://jaq.alibaba.com) produced by The Alibaba Security Department, for enterprises and developers to provide Internet business security solutions, comprehensive coverage of mobile security, data risk control, content security, real person authentication and other dimensions, and the industry took the lead in proposing “business-centric security”, enabling ecology, Alibaba Group and the industry to share years of precipitation of professional security ability.