When Face ID was announced back in September, many shared their concerns regarding the new feature's possible limitations. Though Apple assured users that Face ID would be extremely difficult to deceive, everyone from security researchers to pranksters have been waiting with bated breath for the iPhone X to be released so they could test that claim.
Now, just a week after people actually started getting their hands on Apple's new flagship model, Vietnamese security firm Bkav announced in a blog post it has successfully spoofed Face ID with a fairly rudimentary mask.
Andy Greenberg of Wired addressed the claims in more detail:
It's important to distinguish this type of spoofing attack from an actual hack. At no time did anyone break into Apple's secure enclave, access any Face ID data, or get around the hardware of the system.
As far the spoof goes, Greenberg also notes that in order to pull this trickery off, a person would have to dedicate a good amount of time and effort to the project and have pretty regular access to your face. According to Bkav's researchers, their method requires at least five minutes of 3D facial scanning and measuring, and is therefore not necessarily something the average user would need to worry about:
It's also worth noting that the security firm doesn't specify whether it trained Face ID against the mask.
If you carefully craft a 100% reproduction of a key, you can probably unlock the same tumblers the original does. This is not new tech. Stop talking about it if you refuse to understand it. https://t.co/8OsjJWbVaPIf you carefully craft a 100% reproduction of a key, you can probably unlock the same tumblers the original does. This is not new tech. Stop talking about it if you refuse to understand it. https://t.co/8OsjJWbVaP— Jerry Hildenbrand (@gbhil) November 12, 2017November 12, 2017
In the end, if you've recently purchased an iPhone X, you're no more at risk than you were back when you used your fingerprint to unlock your device. If you remember, when Touch ID launched we saw a similar spate of CSI-style spoofing there as well.
If you're a Bruce Wayne-level elite or a secret agent of some kind, just keep taking the same precautions you did before you upgraded. However, if you're just a run-of-the-mill iPhone wielder like the rest of us average folk, it's super unlikely that your content is in danger.
What do you think about the individuals at Bkav allegedly fooling Face ID? Let us know in the comments.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
Tory Foulk is a writer at Mobile Nations. She lives at the intersection of technology and sorcery and enjoys radio, bees, and houses in small towns. When she isn't working on articles, you'll likely find her listening to her favorite podcasts in a carefully curated blanket nest. You can follow her on Twitter at @tsfoulk.