A 3D mask – or even a photograph of a face – was able to fool supposedly secure face recognition systems used for payments and boarding aircraft, but was unable to fool Face ID…
Fortune reports on the tests carried out by an AI company.
The test, by artificial intelligence company Kneron, involved visiting public locations and tricking facial recognition terminals into allowing payment or access. For example, in stores in Asia—where facial recognition technology is deployed widely—the Kneron team used high quality 3-D masks to deceive AliPay and WeChat payment systems in order to make purchases.
Those systems, which resemble the ones seen in airports, use a person’s face rather than a PIN or a fingerprint to validate user’s identity. Such masks, in theory, could allow fraudsters to use another person’s face—and bank account—to go shopping.
More alarming were the tests deployed at transportation hubs. At the self-boarding terminal in Schiphol Airport, the Netherlands’ largest airport, the Kneron team tricked the sensor with just a photo on a phone screen. The team also says it was able to gain access in this way to rail stations in China where commuters use facial recognition to pay their fare and board trains.
The masks are expensive and time-consuming to create, so unlikely to be an issue for the average person, but could certainly render some wealthy individuals or public figures liable to fraud or misrepresentation.
The ability of a simple smartphone photo to fool an airport system is much more worrying.
Schiphol Airport, We Chat, and AliPay did not respond to requests for comment about the effectiveness of their facial recognition technology.
There was, however, good news for iPhone owners: not even the 3D mask was able to fool Face ID, even on the oldest phone to use it, the iPhone X. There has, however, been one example of a mask being used to gain access using Face ID. An Apple patent seems designed to counter this type of attack, requiring facial muscle movement to be seen.
Via Engadget
FTC: We use income earning auto affiliate links. More.
Comments