Face ID cracked with an elaborate mask

28 November 2017
A couple of weeks ago, the same cyber security research firm was able to crack Face ID using a previous version of this mask.

Sort by:

  • ?
  • Anonymous
  • phh
  • 30 Nov 2017

yee, 30 Nov 2017why people are so fussed about this tech. android had very... moreAndroid used the camera to take 2D pictures of the user's face and compare it to the one saved in the system unlock.

iPhone uses infra-red 3D mapping to scan a user's face and detect the full shape of the face in 3D.

Android's picture unlock - easy bypass by anyone who has access to your phone.
iPhone face unlock - can only be bypassed by creating a complex face mask of the user's face.

    • y
    • yee
    • n5D
    • 30 Nov 2017

    why people are so fussed about this tech.
    android had very similar thing few years back and guess what. nobody uses it from people i know.
    sorted!
    If they want to have secure unlock they should use DNA sampler lol

      • t
      • thefuture
      • kaC
      • 29 Nov 2017

      1)iris scanning
      2)Fingerprint reader
      3)face id

        • ?
        • Anonymous
        • PTc
        • 29 Nov 2017

        AnonD-711468, 29 Nov 2017Animojis is not particularly innovative in any consequentia... moreLOL... android already has your precious "passive biometrics" sure it's not implemented the same as FaceID but same outcome scan face or eyes for unlock. Bezzelless phones have been around in android for years and they have higher screen to body ratio so no win for apple there either. Android processors are plenty fast for day to day activities BUT the new apple chip is very impressive and does pull ahead in some areas.

          • D
          • AnonD-711468
          • 3A7
          • 29 Nov 2017

          AnonD-249626, 29 Nov 2017Nice innovation on the emoji . Remind me of Tom cat .Animojis is not particularly innovative in any consequential manner.

          I was talking about passive biometrics, highest screen to body ratio than any other phone of its size (basically smallest bezels) and desktop-grade CPU ... yeah, all those are industry leading, i.e. innovative.

            • D
            • AnonD-704058
            • P04
            • 29 Nov 2017

            As an Android user I think Face ID is very reliable and safe, why to bash on it if next year many Androids phones will be implementing and you'll be cornered with your opinion (Apple did this so many times, screen size, cpu cores, memory, etc, and then played the same game)?

            For me, I just prefer fingerprint reader because it is simply faster. If you do imagine a number of different situations and conditions where you need to unlock your phone (on bus, subway, when driving, on bed, on bar, on crowded places, from pocket to quick look, etc) I think in general that FPS is just more pratical.

            If Apple had put a FPS on back, it would been a win/win situation to Apple users.

            All in all, Android and iOS has more in commom than people thinks.
            But, I prefer Android because iOS is kind of hard to connect, transfer things to and from it, etc, and you do need specific software to do it. Screen used to be very small on iPhones (not anymore) and it is overpriced.
            However, I always liked iOS gaming performance.

              • D
              • AnonD-24741
              • mY{
              • 29 Nov 2017

              Anonymous, 28 Nov 2017yes but u still need that persons phone and not just the ma... moreYou need to have the phone when you steal it?
              I did not know captain obvious was a member of this community! :)

                Maybe newer units of the iPhone X will fix this issue

                  • f
                  • fug
                  • PGq
                  • 29 Nov 2017

                  Anonymous, 29 Nov 2017There is a quick way to disable for exactly the FBI scenari... moreAfter disabling face id, the phone becomes an iphone 5. Lousier than iphone 8

                    • ?
                    • Anonymous
                    • v3F
                    • 29 Nov 2017

                    Still proves that Face ID is hard to crack. For all that effort, biometric fingerprint sensors are much more easier to break into if we were to compare both.

                      • ?
                      • Anonymous
                      • Trp
                      • 29 Nov 2017

                      S, 29 Nov 2017I like to see if the FBI cracking the Iphone X by scanning ... moreThere is a quick way to disable for exactly the FBI scenario.

                      https://www.macworld.com/article/3236793/ios/how-to-quickly-and-discreetly-disable-face-id-on-the-iphone-x.html

                        • S
                        • S
                        • iwj
                        • 29 Nov 2017

                        I like to see if the FBI cracking the Iphone X by scanning the phone in front of the user...So easy to turn on the phone.

                          • D
                          • AnonD-249626
                          • KSE
                          • 29 Nov 2017

                          AnonD-711468, 28 Nov 2017Of course it's better. It's not even in the same universe o... moreNice innovation on the emoji . Remind me of Tom cat .

                            • ?
                            • Anonymous
                            • tZ0
                            • 29 Nov 2017

                            It is all gimmick to increase the price. They build to hunting your money not your heart. If the practical unlock system it must be fingerprint. If you are a VIP then they should build the Mr Incredible unlock systems, it will force you unlock with you palm, Iris, face and butt as well!

                              • ?
                              • Anonymous
                              • Ibx
                              • 29 Nov 2017

                              jmtm, 28 Nov 2017god... iphone's face id is amazing. period. if someone is t... moreThe point is that it's not that hard, actually. And will only get easier. Technology for hacks also progresses and tends to become dead simple and cheap, like everything else.

                              If you don't want your phone broken into use a password. Everything else is more or less security theater.

                                • ?
                                • Anonymous
                                • Ibx
                                • 29 Nov 2017

                                jmtm, 28 Nov 2017god... iphone's face id is amazing. period. if someone is t... moreBut a password will. Easily. Even government agencies already are stuck and can't do it.

                                  • j
                                  • jmtm
                                  • q{c
                                  • 28 Nov 2017

                                  god... iphone's face id is amazing. period. if someone is that desperate to break in someone's phone, they will break in eventually. no finger print / iris / face id will stop that.

                                    • D
                                    • AnonD-216585
                                    • Jyx
                                    • 28 Nov 2017

                                    Multi id scan is the future. With old gold pass key in head or on paper.

                                      • ?
                                      • Anonymous
                                      • IbE
                                      • 28 Nov 2017

                                      Saying, as this article does, that one difficulty of the attack is requiring "undisturbed access" to the phone is ridiculous. Um, I stole or seized your phone; that is exactly the scenario in which someone would then attempt to break into the phone; so by definition you already have "undisturbed access."

                                      That aside, at the end of the day any system that relies on fingerprints or the image of a face is inherently insecure, because this is essentially publicly available information. Your face is viewable, photographable, and you can probably download an image of it from the internet. You leave your fingerprints everywhere, including on the phone itself.

                                      These attacks may seem technically sophisticated and requiring special equipment, but that will only get easier and cheaper and more available with time.

                                      Further, people worry about a thief getting into the phone. But another likely scenario for a lot of people in the world is having their phone seized by law enforcement officers or other authorities, often with no real justified cause. In this scenario, where you may not want your phone accessed to search for information to use against you, where you may not want your privacy summarily violated, all they have to do is hold the phone up to your face to unlock it. A password is always better when dealing with authorities who are apt to abuse their power. Convenient biometrics for you is also convenient for someone who has seized your phone and bodily detained you.

                                      In the end, biometrics only stops the least sophisticated petty criminals (and soon perhaps not even them).

                                        • D
                                        • AnonD-711468
                                        • 3A7
                                        • 28 Nov 2017

                                        Anonymous, 28 Nov 2017I think pattern is the best and most secure option for lock... moreThe most secure is password. Second is pattern, third is pin and biometrics (of any kind) are last.

                                        Then again biometrics are secure *enough* and that's what matters . After getting used to biometrics (especially passive ones) nobody would be caught dead even punching a password or making silly patterns on screen.

                                        Security has to be "good enough", after that it's all about comfort. If it's not comfortable to use, it's bad tech (pattern and password are both bad tech, pin is a bit better, fingerprint even better, and passive biometrics the best!)