Every year or so when a new smartphone is released, it seems that its features and security become more advanced. Take for instance, the added fingerprint recognition to the iPhone 5 in 2013. However, a new complication has arisen with Apple’s newest security feature: facial recognition.
Bkav, a Vietnamese security firm, released an article and video on November 27th of an experiment they conducted to bypass Apple’s Face ID. The security company developed a mask they called “the artificial twin,” which they developed only a week after the release of the iPhone X. In the video provided, the demonstrator resets the Face ID on the phone and rescans his face. However, the mask instantly unlocks it upon using Face ID. The mask they used, surprisingly, was not as sophisticated as one would think. It used 3-D printing in stone powder and two-dimensional eyes printed with infrared-sensitive ink, which cost only $200 USD.
“It was simpler than we ourselves had thought,” Bkav researchers said.
However, the security company’s ability to bypass recognition is nothing new. Bkav was able to bypass the facial recognition softwares on laptops from several companies, including Lenovo, Toshiba, and Asus. They presented their findings at the 2009 Black Hat Security Conference.
Bkav was also able to bypass Samsung’s iris scanner, proving that all companies were susceptible to security breaches.
During the iPhone X launch, Apple recommended using a passcode for sensitive data rather than using face ID.
The results produced by Bkav have not yet been confirmed by other security companies. Ironically, some more sophisticated masks have failed to bypass Face ID, though Bkav refutes that their results are fabricated.
According to experts, fingerprint recognition is currently the safest biometric security method.
If the results produced by Bkav are confirmed, facial recognition will not be a viable security option for those with sensitive data, especially people of high power positions. Bkav’s break-in can be found here.