Technology
Apple’s Face ID can be fooled by an altered pair of glasses, but there’s a weird catch
Skeptical about the security of Apple’s Face ID? This news won’t help.
As Threatpost reports, researchers from Chinese tech giant Tencent showed at the Black Hat USA conference on Wednesday how they used a pair of glasses with tape placed on the lenses to fool facial recognition software, including Face ID. The catch: the victim has to be unconscious for the hack to work.
The newly discovered vulnerability exploits the “liveness” detection aspect of biometrics authentication, which helps determine what’s “real” and “fake” when reading a face, according to Threatpost. By putting a small piece of black tape with an even smaller piece of white tape on each lens, the glasses are able to fool the liveness detection.
Researchers Demonstrated Method for Bypassing Face ID on an ‘Unconscious’ Victim’s iPhone Using Glasses and Tape https://t.co/VKFjVvjO9y – During the Black Hat USA conference in Las Vegas, researchers demonstrated a Face ID bypass method that used glasse… pic.twitter.com/mTxtkUOLJU
— Dr Vicente Nario (@DrBicentenario) August 9, 2019
Threatpost elaborates:
Researchers specifically honed in on how liveness detection scans a user’s eyes. They discovered that the abstraction of the eye for liveness detection renders a black area (the eye) with a white point on it (the iris). And, they discovered that if a user is wearing glasses, the way that liveness detection scans the eyes changes.
“After our research we found weak points in FaceID… it allows users to unlock while wearing glasses… if you are wearing glasses, it won’t extract 3D information from the eye area when it recognizes the glasses.”
Granted, that’s a very specific set of circumstances that sounds like something out of a spy film, but it’s not a totally outlandish scenario. And now that this loophole has been uncovered, it’s also not crazy to think someone will come up with a much easier way to exploit it.
This is hardly the first time Face ID has been fooled; people have been getting around it almost since it rolled out.
Admittedly, most of those scenarios — like an evil twin! — sound as unlikely as altered glasses on your unconscious face. You’re probably pretty safe using Face ID in your day-to-day life.
But each vulnerability feeds into the general unease surrounding the technology. Luckily, you can still choose to use passcodes instead.
-
Business5 days ago
API startup Noname Security nears $500M deal to sell itself to Akamai
-
Business6 days ago
US think tank Heritage Foundation hit by cyberattack
-
Entertainment5 days ago
NASA discovered bacteria that wouldn’t die. Now it’s boosting sunscreen.
-
Entertainment5 days ago
How to watch ‘Argylle’: When and where is it streaming?
-
Business4 days ago
Tesla drops prices, Meta confirms Llama 3 release, and Apple allows emulators in the App Store
-
Entertainment4 days ago
‘The Sympathizer’ review: Park Chan-wook’s Vietnam War spy thriller is TV magic
-
Business3 days ago
TechCrunch Mobility: Cruise robotaxis return and Ford’s BlueCruise comes under scrutiny
-
Entertainment5 days ago
Dyson 360 Vis Nav robot vacuum review: Dyson should just stick to upright vacuums