In a Test, 3D Model of a Head Was Able To Fool Facial Recognition System of Several Popular Android Smartphones (forbes.com)

← Back to Stories (view on slashdot.org)

In a Test, 3D Model of a Head Was Able To Fool Facial Recognition System of Several Popular Android Smartphones (forbes.com)

Posted by msmash on Thursday December 13, 2018 @02:40AM from the security-woes dept.

Forbes magazine tested four of the most popular handsets running Google's operating systems and Apple's iPhone to see how easy it'd be to break into them with a 3D-printed head. All of the Android handsets opened with the fake. Apple's phone, however, was impenetrable. From the report: For our tests, we used my own real-life head to register for facial recognition across five phones. An iPhone X and four Android devices: an LG G7 Linq, a Samsung S9, a Samsung Note 8 and a OnePlus 6. I then held up my fake head to the devices to see if the device would unlock. For all four Android phones, the spoof face was able to open the phone, though with differing degrees of ease. The iPhone X was the only one to never be fooled.

There were some disparities between the Android devices' security against the hack. For instance, when first turning on a brand new G7 Linq, LG actually warns the user against turning facial recognition on at all. No surprise then that, on initial testing, the 3D-printed head opened it straightaway. [...] The OnePlus 6 came with neither the warnings of the other Android phones nor the choice of slower but more secure recognition.

4 of 123 comments (clear)

Min score:

Reason:

Sort:

Biometrics are generally a bad idea by Seven+Spirals · 2018-12-13 02:48 · Score: 5, Insightful

You can't replace your fingerprints, iris, or head once they are compromised which happens about every 10 minutes these days.
Biometrics are generally a brilliant idea by k2r · 2018-12-13 02:55 · Score: 4, Insightful

Thank you for pointing this out, again.
I'm sure a 4 digit code smeared on the display is a lot safer.
That is the alternative security measure for most people and thus most phones.
Biometrics that are hard to spoof within the 4 tries an adverary has before the device falls back to a 6+ character alphanumeric code are just brilliant and way more secure in real life.
1. Re:Biometrics are generally a brilliant idea by Artem+S.+Tashkinov · 2018-12-13 03:08 · Score: 2, Insightful
  
  You only have six attempts to guess the right password: "If you enter the wrong passcode on an iOS device six times in a row, you'll be locked out and a message will say that your device is disabled."
  Good luck with that. And then it will be locked to your iCloud account which is nigh impossible to remove by anyone other Apple service centers. iPhone protection against theft is probably the best in the industry.
2. Re:Biometrics are generally a brilliant idea by Seven+Spirals · 2018-12-13 03:20 · Score: 4, Insightful
  
  aaand you miss the point ... again. You can change a fucking pin code. You can't change your iris-scan, dumbass. Not to mention the fact that you could have chose to use a password instead of a stupid ass PIN. You could have chose to use a dumbphone/dadphone and not have much information worth stealing on the device anyway, but you had to play Pokemon Go, right? We couldn't drag down your productivity by taking that away, I forgot... sorry.