Apple's new Face ID unlock system on the iPhone X can reportedly be tricked with paper eyes and pizza toppings.
Yes, you read that correctly, but let us explain. Life-size eyes printed onto paper, then placed on the face of a 'sleeping' iPhone X owner, who had their phone nearby, were enough to bypass Face ID — at least according to a new video from FaceTec, a biometric security company pushing out its own facial recognition app, Zoom.
FaceTec conducted its short experiment, pushing the concept a step further, placing various pizza toppings on the iPhone owner's face. Black olives on top of slices of mushrooms (instead of the paper eyes) also appeared to unlock Face ID, and so did a pair of bottle caps, although that took multiple attempts.
The company says this works, even when an iPhone X setting called 'Require Attention for Face ID' is switched on. This extra level of security is designed to prevent the iPhone from unlocking when the owner is not looking at it.
Unlike Face ID and other facial recognition systems, Zoom is meant to map your face from one distance, then a second, closer distance. This requires users to hold the phone steady, then move it towards them and hold it steady again — zooming in, hence the name. ZoOm uses the front-facing camera of an iPhone or Android device to scan the owner's face, which is stored as an encrypted data file (a "facemap") in the devices secure zone, and used for future authentication.
GearBrain tried out Zoom, and while it works quickly and reliably, we found the offset location of the Google Pixel 2 XL's front camera made zooming in on our face tricky at first. That being said, the app was not phased by difficult lighting conditions, and we can see the appeal to financial companies looking to employ biometric security that claims to work on "five billion" smartphones worldwide — in other words, every device with a front camera.
The Zoom app seen here is only a demonstration of how the San Diego-based FaceTec's technology works, but the company says its unlocking system has been shipping to developers for several months now, and will appear in banking applications soon. Zoom integration is free for small businesses and nonprofits, but is charged on a per active user, per year basis for enterprise-level customers.
Zoom claims to be more secure than Face ID, by using just one camera FaceTec demo app via App Store
Naturally, FaceTec has said little about how its system works, but claiming to have one up on Face ID, Touch ID and other systems like Samsung's iris scanner is a bold move for a startup. Zoom is "the only mobile biometric that cannot be spoofed by photos or videos, making it far more secure than legacy biometrics, including fingerprint, 2D face recognition and even eye scans," the developers say.