Apple’s new Face ID security feature has been cracked in the most unorthodox way. It was not breached by elaborate coding or hacking the system but by using a simple mask. A mobile security firm named Bkav managed to bypass Apple’s face recognition technology by using a unique 3D printed mask. While researchers at Bkav state that this method is just a proof of concept, it still shows that facial recognition has yet to mature as a security measure.
The mask is made of a combination of a 3D printed plastic frame, a handmade silicone nose, and cropped paper images of the face used to unlock the phone. During the presentation of the iPhone X event, it was stated that Apple engineers worked alongside professional mask makers and makeup artist from Hollywood to train Face ID’s AI. Nonetheless, this 3D printed mask, which only cost about $150 to make, managed to beat all the training Face ID’s neural network went through.
This is not the first time third parties try to trick Apple’s Face ID. As researchers at Bkav explain on their FAQ, they were able to bypass the facial recognition because they understood how Apple’s AI works. While this method is no cause to raise the alarm to Face ID users, it shows that facial recognition as a security measure still has room for improvement. As far as biometrics go, I believe a two-step authentification is best. Fingerprint in conjunction with facial recognition or, when the technology is developed, retinal scanning.