Fake Face Fools Fones

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
Forbes has added to the ever-growing pantheon of ways to trick biometrics by printing a 3D head and using it to break into Android phones.

We’ve long known how easy it is to spoof static authentication by holding up a 2D picture to a camera, as Google found out after filing a patent to let users unlock their phones by, say, sticking out your tongue or wiggling your eyebrows…or, in the case of fingerprints, by making a dummy fingerprint out of wood glue or a 2D inkjet printout. Google went ahead and filed a patent for “Liveness Checks,” but researchers using the most basic of photo editing tools managed to fool it with just a few minutes of editing and animating photos to make them look like subjects were fluttering their eyelashes. Similarly, researchers at one point came up with a way to mimic the swipey touch gestures we use to get into our phones. They did it by whipping up a Lego robot and equipping it with a finger sculpted from Play-Doh.

Like these previous methods of bypassing biometrics, Forbes’ head approach is rather, shall we say, crafty. Hell, it’s downright makerspace-intensive, given that you need access to a studio equipped with 50 cameras, a 3D printer, and a boatload of gypsum. The point was to see how easy it is to break into four of the hottest handsets running Android and iOS with a 3D-printed head. The upshot: the gypsum head tricked all of the Androids. Apple’s phone, however, wasn’t fooled. The models that Forbes managed to trick, given just the right lighting, a software-enhanced version of Thomas Brewster’s nose that had fallen off/been left behind during the photos capture, and various levels of fast-face scan (not so secure) vs. slow-face scan (better): the LG G7 ThinQ, a Samsung S9, a Samsung Note 8 and a OnePlus 6. The only one that gypsum-head couldn’t fool: The iPhone X.
 
  • Like
Reactions: harlan4096

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top