How A Pair Of Glasses And Tape Bypassed Apple's Face ID

With mobile phones in practically everyone's hands, they are literally digitizing people's life, as they store more and more information about their owners.

When it comes to securing all users' information inside phones, manufacturers are racing with one another to compete in bringing the smartest, the safest, but also the most convenience method of securing phones. And Apple with Face ID has proven itself to be one of the best and the easiest to use.

But that assumption can be wrong, as researchers from Tencent has proven.

At the 2019 Black Hat security conference, the researchers demonstrated a unique way to bypass Apple's Face ID authentication, using just a pair of glasses with tape on them.

As detailed by the researchers, the pair of glasses and tape can trick Face ID at its own game.

Face ID's sensor detects and scans users' eyes, by detecting the liveness in the black area of the eye with the iris. It was first discovered by Tencent that Face ID apparently won't extract any 3D information from the eye area when it sees a glasses.

"With the leakage of biometric data and the enhancement of AI fraud ability, liveness detection has become the Achilles’ heel of biometric authentication security as it is to verify if the biometric being captured is an actual measurement from the authorized live person who is present at the time of capture," said the researchers said during the Black Hat USA 2019 session.

So here, by using a pair of glasses, one problem goes away.

This 'liveness' detection is also part of the Face ID's biometric authentication process that sifts through “real” versus “fake” features on people. The feature works by detecting background noise, response distortion or focus blur.

By using placing black tape on the lenses and white tape inside the black tape, the researchers tapped their way into this liveness biometric, confusing the system's detection, to finally be able to unlock the iPhone.

The researchers dubbed these glasses the 'X-glasses'.

The X-glasses
The X-glasses

This method does show the weaknesses behind the security and design of liveness detection and biometrics in general. But fortunately, the attack is quite difficult to perform in real world situation.

For example, the attacker must first need to figure out how to put the glasses on the owner of the phone, and ensure that the size is correct and still enough for the Face ID to work. As the researchers noted, the victim must be unconscious, for one, and can’t wake up when the glasses are placed on their face.

Nonetheless, this X-glasses method is very different than previous or any Face ID bypasses that have been swirling around the internet.

Previous attacks have focused on generating fake data to bypass biometrics. From stealing the victims' device fingerprint, generating fake audio and video, and hardware-level inject, as well as involving several moving parts, said Zhuo Ma, with Tencent Security.

But with this X-glasses method, the researchers hope to bypass Face ID by using an actual victim’s face while they are unconscious.

As for the mitigation, the researchers suggested biometrics manufacturers to add identity authentication for native cameras and increase the weight of video and audio synthesis detection.

Apple itself made several notable announcements at the Black Hat security conference, including the company in expanding its security bounty initiative with higher payouts, macOS support, and an iOS Security Research Device program.