comscore Apple’s Face ID can be easily bypassed using modified glasses
News

Apple’s Face ID can be easily bypassed using modified glasses: Security researchers

Researchers have discovered a flaw in Apple’s Face ID that allows users to bypass security using modified glasses. The process isn’t straightforward, but it works.

  • Published: August 9, 2019 3:53 PM IST
iphone x face id

With the iPhone X, Apple ditched the fingerprint scanner (Touch ID) and replaced it with Face ID. Apple has always billed Face ID to be more secure than Touch ID. And while bypassing the biometric security isn’t easy, it is possible. Security researchers at 2019 Black Hat conference revealed a possible flaw with facial biometrics. Also Read - Apple to add Face ID on Macs with smart Auto-Wake feature, patent suggests

How researchers bypassed Face ID

According to researchers, once can use modified glasses to bypass the biometric security medium. “By merely placing tape carefully over the lenses of a pair of glasses and placing on the victim’s face the researchers demonstrated how they could bypass Apple’s FaceID in a specific scenario. The attack itself is difficult, given the bad actor would need to figure out how to put the glasses on an unconscious victim without waking them up,” a report on Threatpost said. Also Read - Apple iPhone 2021 may feature both Face ID and under-screen Touch ID features: Kuo

Researchers took advantage of ‘liveness’ feature of the system. It detects if a person is looking at the device. “They discovered that the abstraction of the eye for liveness detection renders a black area (the eye) with a white point on it (the iris). And, they discovered that if a user is wearing glasses, the way that liveness detection scans the eye changes.” Also Read - Apple may allow Face ID and Touch ID for iCloud web sign-in; testing in iOS 13 and macOS Catalina

They then demonstrated the same by creating modified glasses by using white and black tape. In the demo, researchers showed how to bypass security and transfer money using mobile payments. Apple, in a support document explains that Face ID was designed to avoid spoofing by masks and other techniques. To achieve this, it uses neural networks. As an extra layer of security, Apple also has an attention-aware feature.

How companies can tighten the security

While researchers have found a way to bypass facial biometrics, the exploit is very difficult to pull off. In terms of mitigation, researchers suggest manufacturers to add identity authentication for native cameras. They also recommend to increase “the weight of video and audio synthesis detection.”

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel.
  • Published Date: August 9, 2019 3:53 PM IST


You Might be Interested

Apple iPhone XS Max

109900

iOS 12
Apple A12 Bionic hexa-core chipset
12MP + 12MP
Apple iPhone XS

94700

Apple iOS 12
A12 Bionic hexa-core SoC
12MP + 12MP
Apple iPhone X

95390

iOS 11
A11 Bionic 64-bit chipset with M11 motion coprocessor
dual 12MP camera f/1.8 and f/2.8 apertures with dual OIS

new arrivals in india

Best Sellers