This $200 Mask can Fool Apple’s FaceID

“If you happen to have an evil twin, you need to protect your data with a passcode,” marketing vice president Phil Schiller joked during Apple’s iPhone X announcement.

Well, it turns out you don’t need an evil twin because Apple’s Face ID can be hacked using a mask, according to IT security researchers at Bkav.

The researchers didn’t use any special software or hacks to bypass Face ID, instead using a 3D printed frame, makeup, a silicone nose and 2D images, along with special processing on the cheeks and around the face where there are large areas of skin.

The security experts said they were able to bypass the system because they had understood how Apple’s artificial intelligence worked.

“Everything went much more easily than you expect. You can try it out with your own iPhone X, the phone shall recognize you even when you cover a half of your face,” the hackers explained.

“It means the recognition mechanism is not as strict as you think, Apple seems to rely too much on Face ID’s AI. We just need a half face to create the mask. It was even simpler than we ourselves had thought.”

The researchers claim the entire mask used to trick Face ID cost less than $200 to create.

“We used a popular 3D printer. Nose was made by a handmade artist. We use 2D printing for other parts (similar to how we tricked Face Recognition 9 years ago). The skin was also handmade to trick Apple’s AI,” they wrote.

In closing, the security experts had a scary warning for owners of the iPhone X.

“After nearly 10 years of development, face recognition is not mature enough to guarantee security for computers and smartphones,” they wrote.

“As for biometric security, fingerprint is the best.”