The Vietnamese security company Bkav made headlines in mid-November after uploading a video with Face ID that was accessed with a mask, but there were several questions about the unlocking methods used in the video, including if activated "Require Attention". Today, Bkav shared a second video with a new mask and a clearer look at how the mask was used to fake Face ID.
As described in an attached blog post, Bkav used a 3D printed mask made of stone powder, which cost approximately $ 200 to produce. The 2D images of the eyes were then glued with masking tape over the mask to emulate the real eyes.
Bkav restored the identification of the face in the camera and then reconfigured it with the face of the demonstrator. "Require attention for face ID" and "Mindfulness features" were enabled on the iPhone X. For those who do not know, "Attention required for face ID" is intended to add an additional layer of security by requiring to look at your iPhone to use Face ID, and it's one of the features that is supposed to prevent Face ID from unlocking with a mask, with a picture, or when you're looking away from your phone.
After activating Face ID, the Bkav demonstrator unlocks the iPhone X normally with its own face, and then unlocks it once again with the mask. The mask seems to be able to unlock the iPhone X immediately, without failed attempts and without learning, since Face ID was configured from scratch just before the test. The 2D infrared eyes of the mask also seem to trick the "Require attention to Face ID" setting.
Bkav states that the materials and tools used to create the mask are "casual for anyone" and that Face ID "is not safe enough to use in commercial transactions", but it is worth noting That by cheating Face Identification in this way requires a 3D printer, several hundred dollars worth of materials, physical access to a person's iPhone X, and detailed facial photographs that can be used to reconstruct a person's face. Even then, if the 3D printed mask and the infrared eye design are not perfect, Face ID will fail after five attempts.
Bkav believes that Face ID is less secure than Touch ID because it is easier to capture photographs from a distance than to obtain a fingerprint, but this is still a very complex replication process that the average user does not need to worry about.
The Bkav researchers said that making a 3D model is very simple. A person can be secretly photographed in just a few seconds when they enter a room that contains a system of pre-installed cameras located at different angles. Then, the photos will be processed by algorithms to make a 3D object.
It can be said that, until now, Fingerprint is still the safest biometric technology. Collecting a fingerprint is much more difficult than taking photos from afar.
The Apple Face ID security document [PDF] describes several scenarios in which Face ID has a greater chance of being cheated, even with twins, resembling siblings and children under 13, but the masks are Particular interest because Face ID presents a neural network that was "trained to detect and resist impersonation" to protect against "attempts to unlock the phone with photos or masks". From Apple:
Face ID matches the depth information, which is not found in printed or digital 2D photographs. It is designed to protect against impersonation through masks or other techniques through the use of sophisticated anti-spoofing neural networks. Face ID is even aware of the attention.
When Touch ID, the predecessor of Face ID, was first launched on the iPhone 5s in 2013, there were many similar demonstrations of how you could cheat with a fake fingerprint, but there is little evidence that these methods ever they were used to unlock devices in the real world on a large scale, and it turned out to be something that most iPhone users did not have to worry about. The same is likely with Face ID.
Apple has made several improvements in Touch ID over the years, which makes it faster and more accurate, and will undoubtedly make similar improvements to Face ID in the future. Meanwhile, although Face ID can be fooled by a double or complicated facial replication process, it is largely safe for most users and has received mostly positive reviews for its security and ease of use.