iPhone X’s Face ID supposedly got hacked. We have questions

A Vietnamese security software company says it tricked Face ID, which Apple touts as more secure than Touch ID.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
5 min read

Hackers from the Vietnamese security company BKAV say they tricked Apple's Face ID with this mask.


Did Apple's vaunted Face ID facial recognition system on the iPhone X already get hoodwinked?

That's what a Vietnamese security company says it did -- using only a $150 3D-printed mask. BKAV uploaded a video demonstration as a proof of concept on Friday, showing an iPhone X unlocking after exposing it to a customized mask, which only had cutouts of eyes, a silicon nose and a mouth on a 3D-printed frame.    

Ngo Tuan Anh, BKAV's vice president of cybersecurity, then unlocked the Face ID using his own face, to show that it worked on his too. You can see it here.

Face ID is one of the signature features on Apple's flagship iPhone X. While facial recognition isn't new, Apple says it's created the most secure version yet.

Skeptics were quick to predict that someone would be able to fool Face ID after it was unveiled in September. Facial recognition has shown its pitfalls before, with hackers tricking security by putting a photo in front of the camera. Apple points out that it uses infrared sensors and mapping dots to scan for 3D images. The company even went as far as working with Hollywood mask makers to train the biometric against falling for props.

BKAV, which built a reputation on fooling facial recognition, quickly touted toppling Face ID, writing that Apple didn't have enough "scientific and serious estimation before deciding to replace Touch ID with Face ID."   

Apple declined to comment, referring to its Face ID security report for details. In the security guide, last updated this month, Apple wrote that Face ID had "an additional neural network that's trained to spot and resist spoofing," including from masks like BKAV's.  

Watch this: Hackers claim to trick iPhone X Face ID with mask

But there are a few issues with the methods behind the video, none of which BKAV's blog post quite answered. Typically, with a major security flaw, researchers will publish a technical paper revealing how they found it, and who is vulnerable, showing the methodology behind the discovery.

BKAV, which is also trying to break into the phone business, hasn't provided those details, but said it would answer questions in a press conference this week. BKAV didn't respond to a request for comment, but here are our questions.

What's registered on BKAV's iPhone X's Face ID?

A mask could easily unlock an iPhone X if it's the "face" that's actually registered with Face ID.

BKAV failed to walk viewers through its research process, and this is a glaring hole in its transparency. You can register Face ID on anything with a face, including the mask.

Because Face ID runs on artificial intelligence that learns each time it's used, the algorithm could have been trained to learn the human's face based off the mask in reverse.

How often did they try to use Face ID and fail?

Like the previous question, this one is important to note based on how Face ID's algorithm learns. If your Face ID scan fails five times, you're forced to enter a passcode.

Each time you enter a passcode, Face ID learns the new scan and registers it as a positive entry.

"If Face ID fails to recognize you, but the match quality is higher than a certain threshold and you immediately follow the failure by entering your passcode, Face ID takes another capture and augments its enrolled Face ID data," Apple said in its white paper.

It's entirely possible that the masks could have failed more than five times, and after the researchers entered the passcode, it registered the mask as a positive scan to work in the future.

But BKAV said that it "applied the strict rule of 'absolutely no passcode' when crafting the mask," which would mean that the mask fooled Face ID in less than five attempts. The company never specified how many attempts it made.

How long did it take to make the mask?

The "no passcode" rule makes this task particularly tough.

Face ID has to be used about every four hours, or else it'll prompt the person to enter a password. The facial recognition is also disabled if the iPhone X hasn't been unlocked for more than two days.

BKAV said in its Q&A that it started working on the mask, including 3D models and the silicon nose, after it received the iPhone X on Nov. 5.

That would give them a 48-hour window from the moment they turned the device on to create a mask that worked. They did not specify how long it took to create the spoof.

The mask would also have to trick Face ID within the first four hours after registering the human face. It's not impossible, but that's an impressive number of hurdles to jump in a short amount of time without using a password, as BKAV said.

How practical is this?

When Face ID was first announced, there was a lot of discussion about how secure the facial recognition was. A major consideration was a person's threat model: looking at what risks that you as an individual encounter.

If your threats are a pickpocket at a bar, it's highly unlikely the thief will also have your facial structure and a scan of your face ready to 3D-print and unlock your phone with. BKAV said the potential targets wouldn't be people with average threat models, it would be "billionaires, leaders of major corporations, nation leaders."

Again though, the discovery prompts the question, even for billionaires and politicians: How likely is it someone will lose their iPhone X to a thief who also has a scale model of their face printed, with an accurate printout of their eyes, nose and mouth, and get it done in 48 hours?

"This seems like an unlikely sequence of events," said Paul Norris, a systems engineer at security company Tripwire.

BKAV said it used a detailed scan to develop the mask, which took about five minutes to finish. It also used a professional artist to create the nose, which failed at first, and "hand-made" the skin.

These requirements to create the mask reach such a high standard that it seems like it would be almost impossible to replicate this scenario in an actual attack. 

The Smartest Stuff: Innovators are thinking up new ways to make you, and the things around you, smarter.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.