Heavy sleepers should probably not leave their iPhones lying around: a team of security researchers has exposed a weakness in FaceID's liveness detection using an ordinary pair of glasses and two colours of tape.
In a Black Hat USA 2019 session titled "Biometric Authentication Under Threat: Liveness Detection Hacking", researchers from Tencent demonstrated how to exploit this specific flaw in FaceID.
Liveness detection is the part of biometric authentication that distinguishes a live, present face from a reproduction of one. One of its checks is attention: whether the person is awake and looking at the phone with eyes open, or asleep with eyes closed. If no iris and pupil are detected, the device will not unlock.
At the same time, FaceID is designed to unlock for owners who wear glasses. The researchers found that once FaceID detects glasses, it stops extracting detailed information from the eye area behind the lenses and settles for a much cruder check that something eye-like is there.
Combining these two behaviours, the Tencent researchers bypassed FaceID by sticking a piece of black tape on the centre of each lens and a smaller piece of white tape in the middle of the black. The black tape stands in for the iris and the white for the pupil, which is all the degraded check looks for.
Put those glasses on a sleeping victim, hold the victim's own iPhone up to their face, and FaceID unlocks the device for the attacker. The rest of the face is still genuinely the owner's, which is why the attack needs the victim present rather than a photo or a mask.
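The flaw class here is a verification path that downgrades to a weaker check when one classifier (the glasses detector) fires. The toy model below is an added illustration of that pattern and of the fail-closed alternative; it is not Apple's code and not the Tencent researchers' tooling. The eye crops, the thresholds, both eye checks and the policy function are constructed for the example and are not a description of how FaceID actually processes its sensor data.

```python
"""Toy model of an attention/liveness gate with a 'glasses' downgrade path.

Added example, not Apple's or Tencent's code. Pixels are 8-bit grayscale
in the style of an IR camera: a bright pupil inside a dark iris, surrounded
by lighter sclera and skin. All crops and thresholds are constructed here.
"""

BRIGHT = 200   # assumed threshold for a bright (pupil-like) pixel
DARK = 80      # assumed threshold for a dark (iris-like) pixel
LIGHT = 150    # assumed threshold for sclera/skin

# Constructed sample crops (not real sensor data).
OPEN_EYE = [
    [200, 200, 200, 200, 200, 200, 200],
    [200, 200,  40,  40,  40, 200, 200],
    [200,  40,  40, 255,  40,  40, 200],
    [200, 200,  40,  40,  40, 200, 200],
    [200, 200, 200, 200, 200, 200, 200],
]
CLOSED_EYE = [[160] * 7 for _ in range(5)]   # eyelid skin only
TAPED_LENS = [[0] * 7 for _ in range(5)]     # black tape over the lens ...
TAPED_LENS[2][3] = 255                       # ... with a white dot in the middle


def bright_spots_in_dark_ring(crop):
    """Yield (row, col) of bright pixels whose 8 neighbours are all dark.

    This is the crude 'an iris with a pupil in it' test that the downgraded
    glasses path relies on. Black tape with a white dot satisfies it.
    """
    rows, cols = len(crop), len(crop[0])
    for r in range(1, rows - 1):
        for c in range(1, cols - 1):
            if crop[r][c] < BRIGHT:
                continue
            ring = [crop[r + dr][c + dc]
                    for dr in (-1, 0, 1) for dc in (-1, 0, 1)
                    if (dr, dc) != (0, 0)]
            if all(v < DARK for v in ring):
                yield r, c


def simplified_eye_check(crop):
    """Downgraded check: any dark-ringed bright spot counts as an open eye."""
    return next(bright_spots_in_dark_ring(crop), None) is not None


def _dark_then_light(pixels):
    """True if the run starts dark and reaches a light pixel before the edge."""
    if not pixels or pixels[0] >= DARK:
        return False
    for v in pixels:
        if v >= LIGHT:
            return True
        if v >= DARK:   # neither iris-dark nor sclera-light: not an eye edge
            return False
    return False        # ran off the crop while still dark (uniform tape)


def full_eye_check(crop):
    """Structural check: the dark ring must itself be bounded by light
    sclera/skin on both sides of the pupil row. A uniformly black lens has
    no such boundary, so a painted-on eye fails here."""
    for r, c in bright_spots_in_dark_ring(crop):
        row = crop[r]
        left = row[:c][::-1]    # pixels walking left from the pupil
        right = row[c + 1:]     # pixels walking right from the pupil
        if _dark_then_light(left) and _dark_then_light(right):
            return True
    return False


def attention_ok(crop, glasses_detected, downgrade_on_glasses):
    """Policy gate. The flawed policy switches to the weak check as soon as
    the glasses classifier fires; the hardened policy never downgrades, so an
    occluded eye that cannot pass the full check simply does not unlock."""
    if glasses_detected and downgrade_on_glasses:
        return simplified_eye_check(crop)
    return full_eye_check(crop)


def run_scenarios():
    """Return {scenario: unlocked?} for the cases the article describes."""
    return {
        "real eye, no glasses, flawed policy": attention_ok(OPEN_EYE, False, True),
        "taped lens, glasses seen, flawed policy": attention_ok(TAPED_LENS, True, True),
        "taped lens, glasses seen, hardened policy": attention_ok(TAPED_LENS, True, False),
        "closed eye, glasses seen, flawed policy": attention_ok(CLOSED_EYE, True, True),
        "real eye, glasses seen, hardened policy": attention_ok(OPEN_EYE, True, False),
    }


if __name__ == "__main__":
    for name, unlocked in run_scenarios().items():
        print(f"{name:45s} -> {'UNLOCK' if unlocked else 'deny'}")
```

The point of the model is the policy function, not the pixel heuristics: under the flawed policy the taped lens unlocks because the glasses flag routes the decision to the weaker check, while the hardened policy applies the same structural check regardless of what the glasses classifier says, and a real eye behind clear lenses still passes it. The general lesson is that a detector for a benign condition (glasses, hat, mask) must never be allowed to select a less rigorous verification path; if the full check cannot run on an occluded region, the right outcome is to deny and fall back to the passcode.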
Most iPhone owners need not lose sleep over this: slipping glasses onto a sleeping person without waking them is hard. The attack is most practical against someone who is unconscious, and whatever put them in that state is probably a bigger problem than an unlocked phone. It also requires physical access to both the victim and the device, so it is not a remote threat.
The Tencent method belongs to the same family as the adversarial glasses that have fooled facial recognition systems before, with the difference that here the target is the liveness check rather than the face matching itself. Other tricks include a baseball cap studded with LEDs and composite masks, but the taped glasses look like the cheapest and easiest to pull off so far.
Apple itself was at the Black Hat conference to announce an expanded bug bounty program that will pay up to $1 million to researchers who find a "zero-click full chain kernel code execution attack with persistence."