Apple has been pioneering new ways for customers to unlock their phones for years, from passcodes to fingerprint locks, combining both convenience and safety. But the introduction of the brand new iPhone X, and it’s facial recognition lock, has come with some controversy.
Alongside plenty of videos of users using the new feature in weird ways, using pet facial features instead of their own, a group of hackers from Vietnamese security company BKAV say they tricked Apple’s Face ID with this mask.
Using only a $150 3D-printed mask, the company demonstrated in the video above just how easy it was to unlock the iPhone X. BKAV’s vice president of cybersecurity Ngo Tuan Anh used his own face with the mask, which only had cutouts of eyes, a silicon nose and a mouth on a 3D-printed frame.
The caveat in this entire scenario is that the company didn’t reveal how much tweaking was necessary before it got the mask to work. Why is this important?
Tripwire senior systems engineer Paul Norris explained that like any other iPhone, the Apple X requires a passcode before setting up the feature, and that attempts would be limited as result.
“Apple will disable the Face ID after five attempts, and force the user to enter a passcode, which should be secure,” Norris said. “In order to compromise Face ID authentication, the attacker would have to have a detailed map of the face of the user, create a mask that would map the exact details of the victim’s face, unlock the phone within five attempts, and do all of this within 48 hours. This seems like an unlikely sequence of events.”
While it’s interesting to see that it is possible given the right circumstances, skill, and a bit of luck, there is no need to worry about your iPhone X’s safety regarding facial recognition. Instead, users will simply have to rely on their own logic to not accidentally lock it into an odd face that was made by their dog.