Barely one week after the highly anticipated launch of Apple's new iPhone X, security researchers are claiming they were able to defeat its Face ID facial recognition security feature using a carefully crafted mask worth approximately $150.
In theory, such an exploit could allow criminals who steal or gain physical access to an individual's iPhone to unlock it by pointing the phone's camera at a mask designed to trick Face ID's artificial intelligence.
The malicious mask was created by researchers at Vietnam-based security firm Bkav, using a combination of special processing, 3D printing, and makeup and 2D images including a silicone model nose. To the naked eye, the end result doesn't look that convincing, with only the eyes, nose and mouth area exposed, while the remainder of the mask is specially processed in a manner that looks as if it's been cast in plaster or wrapped in white bandages. But it's reportedly enough to trick Face ID, which Apple programmed to construct a mathematical representation of a device owner's visage by combining a depth map of his or her face with a 2D infrared image.
Currently, such an exploit would be too time-consuming, expensive and impractical to use on any kind of massive scale. But in an FAQ web page describing its methodology, Bkav warns that a highly targeted attack could plausibly be levied against an important world leader or corporate leader whose iPhone fell into the wrong hands.
At the iPhone X's launch event, Apple Senior Vice President Phil Schiller said that company researchers successfully trained its Face ID neural network to distinguish between real and fake facial images by using masks created by Hollywood make-up artists. But according to the Bkav researchers, the flaw in this strategy is that the masks' designers didn't truly understand how the technology works.
“It is quite hard to make the ‘correct' mask without certain knowledge of security. We were able to trick Apple's AI...because we understood how their AI worked and how to bypass it,” the Bkav FAQ page states. “Take the nose of our mask for example: its creation is not complicated at all. We had an artist make it by silicone first. Then, when we found that the nose did not perfectly meet our demand, we fixed it on our own. Then the hack worked."
Furthermore, the Bkav researchers reported that designing a mask that fools Face ID was easier than they imagined, as the recognition mechanism is “not as strict as you think,” with only half a face needed to create a masks that defeats the security measures. “Apple has done this not so well,” claims Bkav, suggesting that Apple's rush to market may have resulted in a security feature that was inferior to its predecessor, Touch ID, which required only a fingerprint to unlock a phone.
Last month, Apple disputed claims that it ordered manufacturers to lower the accuracy of its face recognition to make the iPhone X easier to produce.
Some experts have downplayed the seriousness of Bkav's findings, considering the effort that needs to be put into their method of attack. “Detailed dimensions would have to be taken to create the mask, and the security firm alluded to the fact that they had to use a special material on the mask too," said Paul Norris, senior systems engineer, EMEA, at Tripwire, adding, “What they didn't disclose was how many attempts and what level of effort it took to get the mask to work flawlessly.”
“In order to compromise Face ID authentication, the attacker would have to have a detailed map of the face of the user [and] create a mask that would map the exact details of the victim's face,” Norris continued. Furthermore, the attacker would have to avoid scenarios in which the iPhone X does not accept Face ID and requires an Apple passcode to unlock itself – including after a phone is restarted, after five unsuccessful attempts at matching a face, and if the device hasn't been unlocked for 48 hours.
And of course, any attack of this sort would have to be uniquely tailored to each target. “It's important to note that the attacks being talked about are individual ‘bespoke attacks' that must be built and executed against each victim separately,” said Terry Ray, CTO of Imperva. “This is in addition to stealing the individual's phone and getting access to it before the owner can remotely wipe the device. Is your data so valuable that someone would go to this effort?”
Still, Ray acknowledged that over time, cybercriminals will only get better at finding ways to defeat the iPhone's X's biometric defenses. Fortunately, anyone who is concerned about this can simply disable the Face ID feature and rely solely on passcodes, he added.