OnePlus 6 Face Unlock Fooled by Black-and-White Photo

Posted on May 30, 2018 by

“The spoofing also highlights the importance of liveness detection, which can involve a number of different methods of making sure that it’s the actual user in front of the phone.”

OnePlus 6 Face Unlock Fooled by Black-and-White Photo

OnePlus’s new flagship smartphone can be unlocked with a photo of the user’s face, and it doesn’t even need to be in color, suggests a user video recently posted to Twitter. Demonstrating the low bar for access to the phone via its face unlock feature, the video shows the user’s friend successfully unlocking his OnePlus 6 device just by holding a black-and-white photo of the user’s face in front of his own. It takes a few tries, but it works.

With respect to contemporary mobile security, it’s an illuminating spoofing video on a number of counts. For one thing, it shows that 2D face scanning is very different from 3D face scanning: A big part of the reason that Apple was able to claim one-in-a-million accuracy for the identification capabilities of the iPhone X’s Face ID system is that it establishes a 3D map of the user’s face using an infrared grid. It just isn’t possible to replicate that map with a 2D photo, whereas the OnePlus 6’s 2D imaging system has fallen victim to that vulnerability.

The spoofing also highlights the importance of liveness detection, which can involve a number of different methods of making sure that it’s the actual user in front of the phone. Apple’s ID has an ‘attention aware’ feature designed to make sure that an authorized user is actually looking at the iPhone X in order to unlock it, while other approaches have involved requiring the user to blink or taking short videos to establish movement.

Finally – and this is an area where Apple is actually lacking – the OnePlus 6 spoofing points to the utility of multimodal authentication. Relying on just one mechanism is far less effective than combining them, as Samsung has done in its combination of facial and iris recognition on the Galaxy S9 smartphone. For its part, the OnePlus 6 actually has a rear-mounted fingerprint sensor, too, and OnePlus says that this feature is meant more for security while the face unlock feature is mostly for convenience. But given that the device’s facial recognition system can’t even tell when it’s being shown a black-and-white image, it is perhaps a little too convenient for most users’ comfort.

Sources: TechRadar, Android Police, Digital Trends

Tags: , , , , , ,
Related Posts
Welcome Home Camera Sports Facial Recognition, Privacy Controls Welcome Home Camera Sports Facial Recognition, Privacy Controls
Asus Takes Tentative Step to Biometric Security Asus Takes Tentative Step to Biometric Security
Gemalto to Provide eSIM Management Solution for Korea Telecom Gemalto to Provide eSIM Management Solution for Korea Telecom
FPC Teams Up with G+D for Biometric Card Trial FPC Teams Up with G+D for Biometric Card Trial
Starbucks Leads mPayments Market: Report Starbucks Leads mPayments Market: Report
Qualcomm Ups Bid for NXP in Showdown with Rival Broadcom Qualcomm Ups Bid for NXP in Showdown with Rival Broadcom
IEEE Enhancing eHealth Interoperability IEEE Enhancing eHealth Interoperability
Could Touch ID Be Used As A Connected Car Key? Could Touch ID Be Used As A Connected Car Key?