Although face recognition should protect the privacy of smartphone owners, it now appears that some devices recognize a 3D-printed version of the owner’s face and thus unlock the phone.
Thomas Brewster, a journalist from Forbes, took the test to the sum. He tested four Android smartphones and an iPhone X. Only one device turned out to be incompetent.
Brewster had the British studio Backface make a 3D copy of his head: for that, images from 50 cameras were combined into a single 3D image that was printed with a 3D printer and then finished by hand. For the relatively low amount of 330 euros he had a plaster version of his own face a few days later.
He then set face recognition with his own face on an iPhone X, LG G7 ThinQ, a Samsung S9, a Samsung Note 8 and a OnePlus 6. Then he tried to unlock the devices with his 3D copy. All four Android devices were opened, but the iPhone X refused access to the fake face.
The LG G7, however, alerts the user when setting the face recognition that it is a “secondary unlocking method that makes your phone less secure” and points out that a similar face can also access the smartphone. The Samsung S9 also indicates that the phone can be unlocked “by someone or something that looks like you” and indicates that a PIN code or password is more secure.
However, for the development of facial recognition technology, Apple worked with a Hollywood studio that makes realistic masks and that clearly paid off: the phone did not crack.
Windows Hello, which allows users to log in on a laptop, tablet or smartphone through facial recognition, also remained intact and refused to unlock for the fake face.
Although making a 3D print of your head is not a fast, cheap way to get personal data, anyone who cares about his privacy seriously, but rather not use facial recognition, says Matt Lewis, research director at cybersecurity company NCC Group. It is easier for hacker and police services to get biometric data, such as your face or your fingerprints, than a password or PIN code.