When the iPhone X was announced in September 2017, Apple showed off its Face ID feature that relies on facial recognition to unlock the screen. At the time, Apple’s senior VP of worldwide marketing, Phil Schiller, stated that “professional mask makers and makeup artists in Hollywood” had helped to “train the neural networks” of Face ID, making phone security more reliable than ever and almost impossible to hack.
Considering this “challenge accepted” Vietnamese tech security firm Bkav have applied 3D printing, silicone molding and handmade design to develop a mask that claims to successfully trick FaceID into unlocking any iPhone X.
Face ID’s anti-spoofing measures.
As outlined in Apple’s white paper, Face ID uses a TrueDepth camera system to accurately map the geometry of a face and recognise it. After detecting the direction of your gaze, the details are run through a neural network, allowing a phone to be unlocked with a glance.
In addition to features such as keeping track of changes in facial appearance, Apple also offers an anti-spoofing software to stop Face ID trickery. The anti-spoofing device works using a randomized sequence of 2D images and a depth map captured by the camera. This sequence is converted to raw mathematical data and then compared to the initial image of the user on file.
Unmasking Face ID’s weaknesses
Bkav researchers began testing Face ID as soon as the iPhone X was released to them last week. As part of Bkav’s proof of concept experiment, the team set up a new iPhone X with Face ID selecting a “no passcode” rule, allowing just the artificial face to be used when unlocking the phone.
Ngo Tuan Anh, Bkav’s VP for Cyber Security explained that the mask was “specially crafted by combining 3D printing with makeup and 2D images”, along with some “special processing on the cheeks and around the face, where there are large skin areas, to fool AI of Face ID.” All in all it cost $150 to make Bkav states that its researchers used a “popular 3D printer,” for the facial frame, with a nose “made by a handmade artist.”
Positioned under a sheet less than a metre away from the iPhone X, the mask successfully unlocked the phone as soon the material was removed. Though this may cause some concern for regular iPhone X user, Bkav points out that potential targets are more likely to be “billionaires, leaders of major corporations” and politicians.
Making and testing the mask
The Bkav researchers say they needed “a half face to create the mask. It was even simpler than we ourselves had thought.” The team suggested that since since Apple released the iPhone X a year early, “they haven’t carried out scientific and serious estimation before deciding to replace Touch ID with Face ID.”
Bkav adds, “Take the nose of our mask for example, its creation is not complicated at all […] when we found that the nose did not perfectly meet our demand, we fixed it on our own, then the hack worked.”
“So, it’s easy to make the mask and beat Face ID.”
Hackable AI and biometrics
This is not the first time that 3D printing has been used to hack a phone’s biometric security system, or exploit weaknesses in AI recognition systems.
Professor Anil Jain, from Michigan state university, helped police unlock a murder victim’s fingerprint scanner-secured phone. Jain’s team used criminal record fingerprints to 3D print molds for artificial fingertips identical to the victim’s.
Earlier this month, Google’s AI object recognition system was tricked by researchers at MIT into misidentifying a specially 3D printed model of a turtle as a rifle.
Featured image shows Apple’s Phil Schiller and the realistic test masks used to train Face ID. Photo via Apple.