Apple’s iPhone Face ID can be Hacked in Less Than 2 Minutes. In just 120 seconds, security researchers at the annual Black Hat hacker convention in Las Vegas managed to bypass the iPhone FaceID user authentication. You may be surprised by how they did it, but should it also worry you?
Table of Contents
Apple’s iPhone Face ID can be Hacked in Less Than 2 Minutes
Black Hat is always guaranteed to produce some exciting security headlines, and certainly not disappointed by this year’s convention. Everything from a demonstration of how to intercept and manipulate WhatsApp messages to Microsoft confirming, for example, that it had paid hackers $4.4 million (£ 3.6 million). However, what Tencent researchers did is pretty hard to beat for sheer ingenuity and that “WTF” factor.
What did the experts do?
The researchers have been able to demonstrate that in less than 120 seconds they can bypass the victim’s FaceID user authentication and access the victim’s iPhone. They needed three things to do this: a pair of spectacles, some tape and, erm, a sleepy or unconscious user of the iPhone.
Researchers found a flaw in the biometric authentication system’s liveness detection function that Apple uses to unlock an iPhone using FaceID. During the session, Threatpost reported, the researchers said that “life detection has become the Achilles ‘ heel of biometric authentication security as it is to verify whether the biometric being captured is a true measurement of the authorized live person present at the time of capture.”
Also Read: How to sign up for the Twitch Studio Beta
This is to get around the problem that so many biometric ID systems suffer from the help of wax hands or 3D-printed heads bypassing the authentication by hackers. It’s clever stuff and prevents, for example, someone from unlocking an iPhone while the owner is asleep.
Except that it’s not. Assuming you can follow the hacking process that Tencent has proved, which in most situations is comparatively unlikely. Not that the method is not unusual and has that wow-factor, but to pull off in the real world would be a difficult one. Using a sleeping victim’s finger would be much simpler to access a TouchID-protected iPhone.
Also Read: Apple has just released iOS 13 beta 6
All these kinds of hacks require both the device and the unresponsive owner physical access. I don’t think you have to lose too much sleep over this one ironically.
How does the hack of FaceID work?
Researchers discovered that if the owner recognizes wearing glasses, the FaceID liveness process would not extract full 3D data from the area around the eye. Rather, it looks for the iris to have a black area for the eye with a white point on it.
Thus the researchers created in the center a pair of white tape spectacles covered by black tape. A hole in the black tape allowed FaceID to see the “white dot.” This is sufficient to fool FaceID and unlock your iPhone.
But it’s also the last time in connection with the hack that you can use the word “simply.” The researchers showed, of course, how they put the “X-glasses” on a “sleeping” victim, unlocked the iPhone and managed to transfer money through mobile payment. But in the real world, you try to do that.
By any means, it’s not impossible, but it requires a sleeping or unconscious victim who happens to have an iPhone protected with FaceID and who won’t wake up when you put a couple of specs on their face.