FB pixel

Black Hat presentation on spoofing Face ID cancelled over incomplete research


A presentation on defeating Apple’s Face ID biometrics scheduled for Black Hat Asia in March has been cancelled after the presenting security researcher was asked by his employer to withdraw it, according to Reuters.

Researcher Wish Wu was scheduled to give a talk titled “Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms,” but his employer Ant Financial asked him to withdraw the presentation, saying it is “incomplete,” and if presented in its current form could be “misleading.” Payments through Ant Financial can be secured with facial recognition, including Face ID.

No hack has been successfully performed and reproduced against Face ID since it was released in 2017, Reuters reports, but a successful spoof attack against its iPhone biometric predecessor Touch ID was confirmed shortly after its release in 2013.

Wu told Reuters that he agreed with the decision to withdraw, and that he could only reproduce the hacks against the iPhone X, not the iPhone XS or XS Max, and only under certain conditions. The abstract of the presentation, which was withdrawn from the Black Hat website in late December, said that an image printed on a normal black-and-white printer, along with some tape, could be used to defeat Face ID.

Vietnamese security company Bkav posted a purported Face ID hack to YouTube in 2017, but the hack has not been replicated by other researchers.

“Black Hat accepted the talk after believing the hack could be replicated based on the materials provided by the researcher,” conference spokeswoman Kimberly Samra told Reuters. Michigan State University professor and biometrics expert Anil Jain said he was surprised by the claim because of Apple’s heavy investment in anti-spoofing technology.

Black Hat Asia 2019 will be held in Singapore in March.

A Forbes reporter recently used a custom 3D-printed head to perform successful spoof attacks on several Android facial recognition systems, but could not fool Face ID. Next generation iPhones are expected to include a more powerful flood illuminator to reduce failed unlock attempts.

ISO provides certification for Presentation Attack Detection (PAD) for facial and other biometrics through labs such as iBeta, and FaceTec scored a perfect score on its Level anti-spoofing test in 2018.

Article Topics

 |   |   |   | 

Latest Biometrics News


Age verification comes to social media as age of unregulated use nears an end

If trends continue, social media is set to follow in the path of cigarettes: an activity benefitting early from lax…


AI can save UK govt £40B annually, transform public services: Blair Institute

AI will soon be used to pre-check applications for correct information, triage cases by calculating complexity and routing them appropriately,…


Papua New Guinea completes national data protection and governance policy

The Ministry of Information and Communications Technology has announced the completion of the national data protection and governance policy, marking…


Interpol issues call for biometrics firm to provide mobile data collection devices

Interpol has issued a tender for mobile ​​biometric collection (MBC) devices for collecting fingerprints and facial images. Specifically, the project…


ICE, CBP sued for details on migrant data sharing agreements

Digital rights advocacy group Access Now is suing the U.S. Customs and Border Protection (CBP) and Immigration and Customs Enforcement…


French travel minister joins UK lawmakers in floating EES postponement

The European Union’s biometrics-based travel scheme is raising concern in France with the local transport minister not excluding postponement. Minister…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events