A cybersecurity researcher named Wish Wu, who claims to have found a way to unlock modern biometric authentication system has canceled the relevant presentation after his employer, Ant Financial, dismissed it as “misleading”. The presentation was entitled “Bypass Strong Face ID: Everyone Can Deceive Depth and IR Camera Algorithms”, and was scheduled for presentation at the Black Hat Asia hacking conference 2019.
The message of Wu to Reuters was the following: “In order to ensure the credibility and maturity of the research results, we decided to cancel the speech”. Ant Financial has also added their clarification statement, saying that: “The research on the face ID verification mechanism is incomplete and would be misleading if presented.”
All this is interesting as Face ID systems, and especially that one of Apple is considered to be very strong, showcasing high levels of resistance against all possible hacking methods and techniques that security researchers have thrown at them. Counting barely more than a year of service life, however, the revelation of an easy way to unlock them as implied by the conference briefing title would cause significant problems to those who have invested in it.
As it happens, Ant Financial is one of those companies, currently using facial recognition technologies for their payment system (Alipay), including Apple’s system. That said, the employer of Wish Wu would have to face much trouble with the possible revelations made by such a conference briefing. The method that was described in the abstract of the talk involves a printed image on an ordinary b&w printer and a tape. Using cheap materials and easily accessible tools to bypass the scanning of multiple cameras and sensors make the whole thing very interesting, and if the hack is really working, it is bound to leak to the public soon, no matter this cancellation.
The Black Hat conference is a prestigious event joined by many professionals in the field who are interested in getting to grips with the latest developments in the field of cybersecurity. That said, all talks are reviewed by the conference board of organizers before they get included in the schedule, and researchers have to prove that what they are about to present is indeed valid. In this case, Wu convinced the board that the hack can be replicated, and provided proof material that supported the talk. Whether the hack is really valid or not, we’ll have to wait and see.
Do you believe that Wish Wu has found a way to unlock Apple’s Face ID? Let us know of your opinion in the comments section below, and don’t forget to like and subscribe on our socials, on Facebook and Twitter.