Why The “Face ID Hack” Is A Total Non-Issue

Over the last few days, there’s been news that Apple’s new biometric system which is known as Face ID has been pwned by security experts from Vietnam. Bkav Corporation, an tech security biz with offices in the US and Singapore, specializes in bypassing facial-recognition systems. Thus Face ID was a clear target. Allegedly it took less than a week to apparently hack Face ID and showing that they can potentially unlock a phone with a mask of the owner’s face. After registering a user with Face ID, these guys built a 3D printed mask of the test subject using an off-the-shelf 3D printer. They then put 2D printouts of the user’s eyes, upper cheekbones and lips over the mask and added a silicone nose for realism. The creation wasn’t able to defeat Face ID at first, as other folks with the same idea have found. But by sculpting and shading the false nose on one side to imitate shadow along with a few other tweaks, they managed to use the mask to fool the iPhone X into unlocking.

Here’s a video of the hack in action:

Here’s why this is a total non-issue.

If I owned an iPhone X and if someone manages to make a mold of my face, I’ve got bigger problem than someone accessing the contents of my phone. The same is going to be true for you. Frankly, the only scenario that matters here is the one where a hacker gets sufficient information to construct a mold like this without the user knowing. Then the hacker would have to get physical access to the phone to break into it.

Another point is that Face ID doesn’t work if you’re unconscious. So someone beating you up and holding the phone to your unconscious face is a non-starter. Plus you do have the ability to force Face ID off if you have the time to do that. That’s found in the Face ID security guide [Warning: PDF] that Apple Posted. Besides, this is no worse than a thumbprint. And we’ve had fingerprint based unlocking for years. So I fail to see why this is news precisely.

In short, unless you have to worry about the CIA or an intelligence agency like that expending that much time and effort to do all of this, this hack irrelevant as casual thieves are not going to be able to pull this exploit off. Thus Face ID provides adequate protection for your valuable information,  Snapchat conversations or whatever nudie pics that you may have on your phone as apparently that’s a “thing” with some people out there.

File this under “FUD.”


2 Responses to “Why The “Face ID Hack” Is A Total Non-Issue”

  1. […] situation and see if it can enhance its machine learning to mitigate this situation. So, unlike the other Face ID situation that I brought to you earlier today, this one has some takeaways for both Apple and users of the iPhone […]

  2. […] after the iPhone X arrived on the scene, a security firm out of Vietnam claimed to have defeated the key feature of the iPhone X which is Face ID via a specially crafted ma…. I at the time threw cold water all over that. But now the same company is back claiming that […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: