Slashdot Mirror
In a Test, 3D Model of a Head Was Able To Fool Facial Recognition System of Several Popular Android Smartphones (forbes.com)
Forbes magazine tested four of the most popular handsets running Google's operating systems and Apple's iPhone to see how easy it'd be to break into them with a 3D-printed head. All of the Android handsets opened with the fake. Apple's phone, however, was impenetrable. From the report: For our tests, we used my own real-life head to register for facial recognition across five phones. An iPhone X and four Android devices: an LG G7 Linq, a Samsung S9, a Samsung Note 8 and a OnePlus 6. I then held up my fake head to the devices to see if the device would unlock. For all four Android phones, the spoof face was able to open the phone, though with differing degrees of ease. The iPhone X was the only one to never be fooled.
There were some disparities between the Android devices' security against the hack. For instance, when first turning on a brand new G7 Linq, LG actually warns the user against turning facial recognition on at all. No surprise then that, on initial testing, the 3D-printed head opened it straightaway. [...] The OnePlus 6 came with neither the warnings of the other Android phones nor the choice of slower but more secure recognition.
There were some disparities between the Android devices' security against the hack. For instance, when first turning on a brand new G7 Linq, LG actually warns the user against turning facial recognition on at all. No surprise then that, on initial testing, the 3D-printed head opened it straightaway. [...] The OnePlus 6 came with neither the warnings of the other Android phones nor the choice of slower but more secure recognition.
At least in the US, yes, the 4 digit PIN smeared all over your device is a lot safer. You see, that 4 digit PIN has been declared to be protected under the 4th amendment. Fingerprint scans and facial recognition hasn't. So nobody needs to try to spoof it, they can just force you to unlock it and hold you in contempt until you do.
Considering that humans could quite possibly be fooled by a 3D printed head in similar conditions, I'm actually very impressed they weren't all cracked. I also think this is an edge case scenario- Your phone is taken by someone who has the data, resources, and the will to make a 3D model of your head just to open it. Usually people would point to the government as a possible culprit here, but the government doesn't need to go to these lengths, they can use your actual face.