Forbes Fools Four Android Smartphones with 3D Printed Head Model, but Not Apple’s iPhone X
Recently, Thomas Brewster, who covers security and privacy for Forbes, detailed his experience in using a 3D printed head – modeled after his own – to try and break into several phones of the Apple and Android variety.
Forbes had Birmingham-based 3D printing and scanning company Backface create the head; the process began with 50 cameras combining to take a single shot of Brewster’s head that made up an entire 3D image. The image was loaded into editing software to fix any errors, and the life-size model was then 3D printed out of a British gypsum powder. After a few days, Brewster received the 3D printed model of his head, which cost just over £300 to make.
“You’re then the proud owner of an uncanny, almost-spectral version of your own visage,” Brewster wrote.
Brewster used his real face to register for facial recognition across five phones: the iPhone X, LG G7 ThinQ, Samsung S9, Samsung Note 8, and OnePlus 6. Then, he tested each one with the 3D printed head model to see if he could successfully circumnavigate the phones’ facial recognition. Spoiler alert: while each of the Android phones was tricked, the iPhone was “impenetrable.”
Brewster noted some differences between the various Android phones’ attempts at security – the G7 warns the user right off the bat that the facial recognition can be unlocked by seeing a similar face. But in the middle of the experiment, its facial recognition software updated and became more difficult to trick.
“It’s been long known that many implementations of facial recognition amongst Android phones have been less secure than Apple’s Face ID system. Some of those face recognition systems have been fooled with simple photographs,” the MacRumors staff wrote. “Apple’s Face ID, however, also includes IR depth mapping and attention awareness technology. The attention awareness alone may be enough to explain the inability for a static 3d printed head to unlock the iPhone X. That said, the iPhone X’s Face ID has been fooled in the past with more sophisticated printed 3d heads.”
“The facial recognition function can be improved on the device through a second recognition step and advanced recognition which LG advises through setup,” an LG spokesperson told Forbes. “LG constantly seeks to make improvements to its handsets on a regular basis through updates for device stability and security.”
The S9 also warned users that facial recognition alone was not that secure when used without a password or PIN.
“Oddly, though, on setting up the device the first presented option for unlocking was facial and iris recognition,” Brewster explained. “Whilst iris recognition wasn’t duped by the fake head’s misted-over eyes, facial recognition was tricked, albeit with a need to try a few different angles and lighting first.”
The Note 8 had an option for “faster recognition,” which even the manufacturer admitted was not as secure; however, the 3D printed head was able to unlock the phone on both settings, though the slower one did require more effort in terms of angles and lighting. As the least secure device Brewster tested, the OnePlus 6 did not include a warning or a slower, more secure recognition option and, “despite some sci-fi style face scanning graphics” the phone performed, it immediately opened for the 3D printed head.
“We designed Face Unlock around convenience, and while we took corresponding measures to optimize its security we always recommended you use a password/PIN/fingerprint for security,” a OnePlus spokesperson told Forbes. “For this reason, Face Unlock is not enabled for any secure apps such as banking or payments. We’re constantly working to improve all of our technology, including Face Unlock.”
“Apple’s investment in its tech – which saw the company work with a Hollywood studio to create realistic masks to test Face ID – has clearly paid off,” Brewster wrote.
In addition, Brewster noted that Microsoft’s new Windows Hello Facial recognition was also not tricked by the 3D printed model of his head.
According to Matt Lewis, the research director at cybersecurity contractor NCC Group, a strong alphanumeric password is a far safer option when securing your device than relying on facial recognition alone.
What do you think about this? Discuss this news and other 3D printing topics at 3DPrintBoard.com or share your thoughts in the Facebook comments below.
You May Also Like
Fuel3D Showcases 3D Facial Recognition Technology at Goodwood Festival of Speed
The Goodwood Festival of Speed (FOS) is an annual motoring garden party held at Goodwood House in West Sussex, England, attended by over 200,000 people. The event began in 1993...
Google of the Future Can Learn All About You…and 3D Print Personalized Objects For Your Own Good
“If you have nothing to hide you have nothing to fear.” I have several friends and family members who have introduced smart technology into their homes by way of Google...
US Army Demonstrates Latest 3D Printing, 3D Scanning, Drone Technologies
There are many military applications for 3D printing, from manufacturing grenade launchers and body armor to building drones and customizing military meals. Last year, the US Army released a report detailing its...
3D Printed Device Developed at UW Allows Laser to Wirelessly Charge a Smartphone
As Dr. Evil, and cats everywhere, have conclusively proven, everything is cooler with a laser. What’s definitely not cool is hauling around tangled charging cords or, in my household at...