Bypassing Apple FaceID's Liveness Detection Feature
Apple’s FaceID has a liveness detection feature, which prevents someone from unlocking a victim’s phone by putting it in front of his face while he’s sleeping. That feature has been hacked:
Researchers on Wednesday during Black Hat USA 2019 demonstrated an attack that allowed them to bypass a victim’s FaceID and log into their phone simply by putting a pair of modified glasses on their face. By merely placing tape carefully over the lenses of a pair glasses and placing them on the victim’s face the researchers demonstrated how they could bypass Apple’s FaceID in a specific scenario. The attack itself is difficult, given the bad actor would need to figure out how to put the glasses on an unconscious victim without waking them up.
Alejandro • August 15, 2019 6:53 AM
Basically, all biometrics can be beat given time and a little ingenuity.
There are some special sunglasses out now that reflect IR light back to facial ID cams that messes them up pretty bad. A long billed baseball cap is low tech protection against cameras placed too high. Etc.
Meanwhile, it’s well known facial ID simply doesn’t work with certain facial types at all.
But, Governments and corporations want us to use biometrics in part because they are so easy to take, have and keep for their own purposes.
I would like to see some really smart people emphatically beat biometrics and at the same time come up with a user-centric new form of authentication that transcends passwords. There’s got to be something that works, for us, for a change.