A China-based security researcher withdrew from the prestigious Black Hat Asia conference a presentation on what was advertised as a working Face ID hack after his employer, Ant Financial, deemed it “misleading.”
Wish Wu, who was scheduled to present “Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera and Algorithms” at Black Hat Asia in March, told Reuters on Thursday that he canceled his appearance at the conference at the request of Ant.
Face ID’s facial recognition technology could be defeated with a black-and-white printed image and “some tape,” according to an abstract of Wu’s talk that was removed from the Black Hat website in December. Ant discovered inconsistencies in Wu’s research late last year, causing him to withdraw from the conference, according to the report.
“The research on the face ID verification mechanism is incomplete and, if presented, would be misleading,” the company stated.
Wu concurred with Ant’s assessment, stating that he could only reproduce the hack on an iPhone X under unspecified circumstances. Wu stated that Apple’s iPhone XS and XS Max are unaffected by the attack.
“We decided to cancel the speech to ensure the credibility and maturity of the research results,” Wu told Reuters.
What exactly went wrong with Wu’s research is unknown. Ant, formerly known as Alipay, has supported Apple’s cutting-edge user authentication hardware, including Touch ID and Face ID, for quite some time.
Apple introduced Face ID with iPhone X in 2017, highlighting the speed and accuracy of the biometric security solution. Apple claims that the false positive rate for Face ID is one in a million, whereas Touch ID’s match rate was closer to one in fifty thousand.
Face ID collects depth map and image data of a user’s face using a dot projector, infrared camera, and flood illuminator as part of the TrueDepth camera system. Using this data, the onboard A-series system-on-chip generates a mathematical model of the target face and sends it to a secure enclave for comparison.
Face ID has proven to be highly resistant to impersonation and other physical attacks. In 2017, the Vietnamese security firm Bkav claimed to have defeated the system using a mask; however, other researchers have not been able to replicate the technique.