Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Researchers Demonstrated Method for Bypassing Face ID on an 'Unconscious' Victim's iPhone Using Glasses and Tape

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
68,083
38,826



During the Black Hat USA conference in Las Vegas, researchers demonstrated a Face ID bypass method that used glasses and tape to unlock and infiltrate the iPhone of an "unconscious" victim.

According to a report from Threatpost (via iMore), researchers from Tencent aimed to fool the "liveness" detection feature in biometrics, which is meant to distinguish "real" from "fake" features on people.

faceidbypass-800x585.jpg

Liveness detection, said the researchers, detects background noise and response distortion or focus blur, allowing it to make sure that a face is a real face and not a mask. This liveness detection is used by Face ID, and Apple even has an "Attention Aware" feature that makes sure your iPhone doesn't unlock unless you're looking at it.

To trick Face ID, the researchers created prototype glasses with black tape on the lenses and white tape inside the black tape to emulate the look of an eye. When putting the glasses over a sleeping victim's face, they were able to access his iPhone and send themselves money through a mobile payment app.

This method worked because the researchers found that liveness detection works differently with glasses and essentially doesn't extract 3D information from the eye area when glasses are worn.
They discovered that the abstraction of the eye for liveness detection renders a black area (the eye) with a white point on it (the iris). And, they discovered that if a user is wearing glasses, the way that liveness detection scans the eyes changes.

"After our research we found weak points in FaceID... it allows users to unlock while wearing glasses... if you are wearing glasses, it won't extract 3D information from the eye area when it recognizes the glasses."
Click to expand...
An attacker attempting to use this method in the real world would need a victim that's sleeping or unconscious, access to that victim's iPhone, and then glasses would need to be placed over the eyes without waking the person up. It's worth noting that this isn't a situation most people are likely to run into, and there's also no secondary research on this alleged method this time.

To mitigate the eye detection loophole in the future, researchers suggested biometrics manufacturers add identity authentication for native cameras and "increase the weight of video and audio synthesis detection."

Apple has designed Face ID with easy access disabling measures for situations where a person might be coerced or forced into unlocking an iPhone with facial recognition. Pressing on the sleep/wake button of a Face ID-enabled iPhone five times in rapid succession brings up an emergency SOS screen that automatically disables Face ID and requires a passcode to be entered before Face ID works again. Pressing and holding the side/top button and a volume button also works on the iPhone and the iPad Pro.

Article Link: Researchers Demonstrated Method for Bypassing Face ID on an 'Unconscious' Victim's iPhone Using Glasses and Tape
 
Article Link
https://www.macrumors.com/2019/08/08/face-id-bypassed-glasses-tape/
Article quote:

An attacker attempting to use this method in the real world would need a victim that's sleeping or unconscious, access to that victim's iPhone, and then glasses would need to be placed over the eyes without waking the person up.”

Yeah, because this is a real easy to bypass the users Face using this method. :rolleyes:
 
  • Like
Reactions: Lappen71, eltoslightfoot, Hi Tek and 28 others
I appreciate these findings because it challenges Apple and others to improve the security of devices as we move to biometrics. But I highly doubt someone could slap some glasses on my face and I not wake up... moreover if what’s in my phone is this important that you’d make a pair of Face ID cooling glasses. I doubt I’d be around you anyway
[doublepost=1565302156][/doublepost]Weekend at Bernie’s type crap lol
 
  • Like
Reactions: eltoslightfoot, kironin, Hi Tek and 22 others
This is a bit of a reach. I think for Face ID to be fooled by such a ridiculous circumstance just goes to show how hard they’ve tried to ‘break’ it — I highly doubt this was their first attempt or idea for how to circumvent it.

It’s a far cry from a photograph fooling facial recognition.
 
  • Like
Reactions: Lappen71, eltoslightfoot, AngerDanger and 31 others
CLS727 said:
does touch ID still work if the person is dead? cold fingers, etc

asking for a friend
Click to expand...

In theory, ultrasonic fingerprint sensors are better for liveness detection because it scans the blood capillaries for blood flow. Touch ID is old technology that relies on capacitive properties.

Again, in theory, facial detection would not detect a beaten up victim wearing X-glasses.
 
  • Like
Reactions: Hi Tek and konqerror
Face ID is still more secure than Touch ID... the work needed to bypass it is way more than just use the fingerprint of someone (you don't even have to touch them, if you align the phone to touch it directly)
 
  • Like
Reactions: Xirian and ohio.emt
Reporting on this "research" is just giving these people the attention they want.

How many people in real life would go into that much trouble to unlock someone else's phone? If I'm a victim and held in captivity, I'd willingly unlock my phone for you so you can drain the $500 I have in my bank account.
 
  • Like
Reactions: Azzin and 5105973
This reminds me of the scenarios people came up with when FaceID was first announced:

“A person could just grab my phone out of my hands, shove it in my face, then run away with it!”

If the person was smart, they would wait until you unlocked it yourself before grabbing it, regardless of which security method you’re using.

Plus you’re assuming that the person is able to grab the phone, wake the screen, make sure it’s at a correct distance, give it a second to scan your face, and verify that it unlocked all without you reacting in any way.

This is an interesting bypass, and a good way to challenge Apple to improve FaceID imo. But the real-world practicality is very low.
 
  • Like
Reactions: AngerDanger, Hi Tek, Stryder541 and 6 others
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back