Apple’s Face ID can reportedly be bypassed with glasses and tapes
While we know that Apple’s Face ID is much more secure than other Android smartphones, it is still not perfect. Apple is using dedicated hardware for scanning faces on its iPhones while Android OEMs use software to scan its users which is less secure.
Having said that, we know both Apple and Android’s Face-Scanning can be bypassed if you have identical twins or siblings with similar facial features.
Now, a new way has been found by security researchers at Tencent on bypassing the Face ID found on Apple iPhones. It has been revealed that Apple’s Face ID works on the basis of scanning your 3D information from the eye area. However, ThreatPost reveals that Face ID fails to “extract 3D information from the eye area when it recognizes the glasses.”
Here is how the Face ID flaw was found out:
To launch the attack, researchers with Tencent tapped into a feature behind biometrics called “liveness” detection, which is part of the biometric authentication process that sifts through “real” versus “fake” features on people. It works by detecting background noise, response distortion or focus blur.
Researchers specifically honed in on how liveness detection scans a user’s eyes. They discovered that the abstraction of the eye for liveness detection renders a black area (the eye) with a white point on it (the iris). And, they discovered that if a user is wearing glasses, the way that liveness detection scans the eyes changes.
These glasses called the “X-glasses” have to be physically worn by the person owning the iPhone to bypass Face ID. Now, this is still a challenge because, given the threat, no one would be ready to wear these glasses. Apple has also revealed that it is offering $1 Million for anyone who is able to hack into its iPhones as part of the Bug Bounty program.