Cyber Researcher Pulls Public Talk on Hacking Apple's Face ID

The possibility that Face ID may be defeated is troubling because it is used to lock functions on tens of millions of iPhones from banking and health care programs to mails, text messages and photos.

There is a one in 1 million chance that the random person could unlock a Face ID, versus one in 50,000 chance that could occur with the iPhone’s fingerprint detector, according to Apple.

Face ID has shown more secure compared to its predecessor, Touch ID, which uses fingerprint sensors to unlock iPhones. Touch ID was defeated in a couple of days of its 2013 release.

Wu told Reuters his employer, Ant Financial, requested him to draw the discussion from Black Hat, one of the greatest and most prestigious organisers of hacking conventions.

Ant Financial’s Alipay payment method can be used with facial recognition technology including Face ID.

Nobody has publicly published details on a successful Face ID hack that others have been able to replicate since Apple introduced the attribute in 2017 using the iPhone X$74,999, according to biometric security specialists. The business has introduced three other Face ID mobiles: iPhone XS$93,436, XS Max$103,074, and XR.

Wu told Reuters that he agreed with the decision to withdraw his conversation, saying he was just able to replicate hacks on iPhone X under specific conditions, but it didn’t work with iPhone XS and XS Max.

“In order to guarantee the authenticity and maturity of their study results, we decided to cancel the speech,” he told Reuters at a remark on Twitter.

An Apple spokesman declined comment.

“The study on the face ID verification mechanism would be incomplete and could be misleading if introduced,” Ant Financial said in a statement.

Black Hat withdrew a abstract of this talk from its website in late December after Ant discovered problems with the research.

The abstract maintained that Face ID could be hacked using an image printed on a normal black printer and a few tape. The only other claim of a Face ID hack was 2017 by a Vietnamese cyber-security company Bkav, which posted it on YouTube videos. Other investigators have yet to be able to replicate that attack.

Apple’s facial recognition uses a combination of cameras and unique sensors to catch a three-dimensional scan of a face that allows it to spot spoofs with photos or figure out if the consumer is asleep or otherwise not looking at the telephone.

It is rare for talks to be pulled out of cyber-security conventions like Black Hat, whose events are attended by specialists seeking to understand emerging hacking threats.

Black Hat told Reuters it had approved Wu’s talk because Wu persuaded its review board he could pull off the hack.

“Black Hat accepted the conversation after believing that the hack could be reproduced based on the materials furnished by the researcher,” summit spokeswoman Kimberly Samra said.

Anil Jain, a Michigan State University computer science professor who’s an expert on facial recognition, said he was amazed by Wu’s claim because Apple has invested heavily in”anti-spoofing” technologies that makes these hacks very difficult.


Please enter your comment!
Please enter your name here