Cyber Researcher Pulls Public Talk on Hacking Apple's Face ID

Advertisement
By Reuters | Updated: 4 January 2019 10:22 IST
Highlights
  • The cyber-security researcher cancelled a hacking conference briefing
  • Face ID is used to lock down functions on tens of millions of iPhones
  • One in 1 million chance a random person could unlock a Face ID: Apple

A cyber-security researcher cancelled a hacking conference briefing on how he said he could crack biometric facial recognition on Apple iPhones, at the request of his employer, which called the work "misleading."

The prospect that Face ID could be defeated is troubling because it is used to lock down functions on tens of millions of iPhones from banking and healthcare apps to emails, text messages and photos.

Advertisement

There is a one in 1 million chance a random person could unlock a Face ID, versus one in 50,000 chance that would happen with the iPhone's fingerprint sensor, according to Apple.

Face ID has proven more secure than its predecessor, Touch ID, which uses fingerprint sensors to unlock iPhones. Touch ID was defeated within a few days of its 2013 launch.

Advertisement

China-based researcher Wish Wu was scheduled to present a talk entitled "Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms" at the Black Hat Asia hacking conference in Singapore in March. Wu told Reuters that his employer, Ant Financial, asked him to withdraw the talk from Black Hat, one of the largest and most prestigious organisers of hacking conferences.

Ant Financial's Alipay payment system is compatible with facial recognition technologies including Face ID.

Advertisement

Nobody has publicly released details on a successful Face ID hack that others have been able to replicate since Apple introduced the feature in 2017 with the iPhone X, according to biometric security experts. The company has introduced three other Face ID phones: iPhone XS, XS Max, and XR.

Wu told Reuters that he agreed with the decision to withdraw his talk, saying he was only able to reproduce hacks on iPhone X under certain conditions, but that it did not work with iPhone XS and XS Max.

Advertisement

"In order to ensure the credibility and maturity of the research results, we decided to cancel the speech," he told Reuters in a message on Twitter.

An Apple spokesman declined comment.

"The research on the face ID verification mechanism is incomplete and would be misleading if presented," Ant Financial said in a statement.

Black Hat withdrew an abstract of the talk from its website in late December after Ant uncovered problems with the research.

The abstract claimed that Face ID could be hacked with an image printed on an ordinary black-and-white printer and some tape. The only other claim of a Face ID hack was in 2017 by a Vietnamese cyber-security company Bkav, which posted it on YouTube videos. Other researchers have not been able to replicate that attack.

Apple's facial recognition uses a combination of cameras and special sensors to capture a three-dimensional scan of a face that allows it to identify spoofs with photographs or determine if the user is asleep or otherwise not looking at the phone.

It is rare for talks to be pulled from cyber-security conferences such as Black Hat, whose events are attended by professionals looking to understand emerging hacking threats.

Black Hat told Reuters it had accepted Wu's talk because Wu convinced its review board he could pull off the hack.

"Black Hat accepted the talk after believing the hack could be replicated based on the materials provided by the researcher," conference spokeswoman Kimberly Samra said.

Anil Jain, a Michigan State University computer science professor who is an expert on facial recognition, said he was surprised by Wu's claim because Apple has invested heavily in "anti-spoofing" technology that makes such hacks very difficult.

© Thomson Reuters 2019

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Apple, iPhone, Face ID, iPad
Advertisement

Related Stories

Popular Mobile Brands
  1. JioTV Pro Pack With 30 Days Validity Launched in India at This Price
  2. Noise REP Band Launched in India With Screenless Design, Up to 10 Days Battery
  1. Xbox Game Pass Has Reportedly Lost 4 Million Subscribers Since 2024
  2. Google Photos Updated With Video Remix Feature Powered By Gemini Omni
  3. Dell Pro Precision 5, Pro Precision 7, Pro Precision 7 T1 Series Launched in India With Up to Intel Core Ultra Series 3 Chips
  4. Google Search Hits All-Time Usage Record During Argentina’s Dramatic World Cup Win Over Egypt
  5. Apple’s Foldable iPhone on Track to Ship By September, Handset Currently in Mass Production: Report
  6. Oppo Reno 16, Reno 16c Go on Sale in India Alongside Oppo Bubble: Price, Offers, Features
  7. Xiaomi SkyNomad Series EVs Announced With Reconfigurable Cabin, New Kunlun Architecture
  8. iQOO Z11 Lite Colourways, Key Features Revealed; Will Launch in India Later This Month
  9. Global PC Shipments Fell 4.9 Percent in Q2 2026 Amid RAM Shortage, Apple Gains Ground: Report
  10. Obsidian Reportedly Cancels Avowed Sequel to Start Work on New Fallout Game in Wake of Xbox Restructuring
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.