Security experts use simple mask to fool Face ID on the iPhone X – again


Security experts have once again used a simple mask to trick the Face ID authentication system found on Apple’s new $1,000 iPhone X.

Earlier this month, researchers from Vietnamese cyber security firm Bkav revealed how it was possible to fool Face ID and gain access to an iPhone X by using a silicone mask complete with 2D printed images of the eyes and mouth.

However, that particular mask wasn’t very practical as it was 3D printed and it took the researchers hours modelling the silicone nose in order to bypass the security of the Face ID system.

Now Bkav researchers have come back for another try and succeed again.

This time they say their mask is more lifelike as it made out stone powder which is said to more closely resemble human skin.

They again used 2D printed images for the eyes and mouth, with the result being that the researchers used the mask to unlock the iPhone X even when on its highest security setting, they claim.

“About 2 weeks ago, we recommended that only very important people such as national leaders, large corporation leaders, billionaires, etc. should be cautious when using Face ID,” the researchers said in a blog post.

“However, with this research result, we have to raise the severity level to every casual users: Face ID is not secure enough to be used in business transactions.”

The researchers also posted another video demonstrating the second hack and used their findings to reiterate that Face ID perhaps isn’t as secure as Apple has claimed.

And it’s not only security researchers who have been able to fool Face ID.

Earlier this month, a video surfaced online showing a 10 year old unlocking an iPhone X simply because he looked like his mother.

The Bkav researchers recommend say that fingerprints remain the most secure way of protecting a smartphone. One of the features of the $1,000 is that it doesn’t have a fingerprint scanner. Of course you can still use a pass code on the iPhone X, and pretend like it’s 2004.


Comments are closed.