Of course, Apple was quickly reminded that not every face is completely unique; twins were able to unlock their siblings’ phones easily. The worst thing that might come of one twin hacking into another’s phone might be some inappropriate text messages to crushes, but what if a “twin” could be created for the purpose of breaking into the phone of a high-ranking business or government official? Cybersecurity company Bkav recently proved that Face ID could be fooled by a 3D printed mask, though the company did admit that it would be hard to reproduce such a mask without sophisticated 3D scanning equipment and detailed knowledge of how Apple’s AI system works.
“About 2 weeks ago, we recommended that only very important people such as national leaders, large corporation leaders, billionaires, etc. should be cautious when using Face ID,” said Ngo Tuan Anh, Bkav’s Vice President of Cyber Security. “However, with this research result, we have to raise the severity level to every casual users: Face ID is not secure enough to be used in business transactions.”
When the iPhone X was launched, Apple issued a recommendation that anyone with an identical twin protect sensitive information with a passcode, and Bkav now says that Apple should caution all users to use a passcode to protect sensitive data. Which raises the question – why not just use a passcode to unlock phones in the first place? Yes, they can be hacked, but so, apparently, can facial ID data. The most secure way to protect a phone, said Bkav, is still a fingerprint. While those too can be reproduced using 3D printing, it’s much more difficult – especially because now Bkav has been able to create detailed 3D scans of people’s faces simply by setting up hidden cameras at various angles around a room and using photogrammetry.
“Security should approximate to absolute, and AI should only be a supplement, not the sole security base for Face ID like the way Apple is working on,” said Nguyen Tu Quang, CEO of Bkav. “AI, in any way, is now still human-made and it does at its best based on the experience of its creators and trainers, here is Apple. Thus, anyone who is more experienced than the creator can bypass it.”
See how easily Bkav beat Face ID below:
Discuss this and other 3D printing topics at 3DPrintBoard.com or share your thoughts below.
[Source/Images: Bkav]