On March 7, Tencent Security Xuanwu Lab released the latest research results on Apple's Face ID: It only takes three steps and one minute to unlock the iPhone while wearing a mask.
At present, Xuanwu Lab has tested six mainstream masks of different specifications-including the most commonly used ordinary medical masks, n95 masks, anti-haze masks, etc. on the market, which can be unlocked with great probability.
During the fight against the new crown epidemic, under the scene of wearing a mask all day, this is undoubtedly a research result that can greatly facilitate people's daily life.
At present, there are some explorations on the Internet about wearing a mask to unlock the iPhone, mainly by constantly trying to wear a mask, "training" the iPhone to "learn" the face wearing a mask, and finally unlock it.
Compared with this method, the research results of Xuanwu Lab are more advantageous in terms of practicability and convenience:
1. Simple operation and short time: Xuanwu Lab's method only requires three steps to complete the setting in 1 minute; online methods generally require dozens or even hundreds of attempts to complete.
2. High success rate: The six mainstream masks tested by Xuanwu Lab can reach a 90% success rate, and the "training" method has a high failure rate.
3. Wide application: The general solution on the Internet can only unlock iPhone X. The research of Xuanwu Lab is still applicable to iPhone 11 with high security.
4. The principle is cleverer: The principle of the "training" method is to gradually learn the changes in the face, and to update the previously entered templates in later use.
Xuanwu Lab uses the mirror-matching nature of Face ID, which is equivalent to entering different half faces as templates, so that users can successfully unlock when wearing or removing masks. (Note: This operation is not cracked, initiated by the user)
How to set it up?
Step 1: Take a mask and fold it in half to block half of your face. You can hold the mask half-faced or hang the two ear-hook ropes on one ear.
Tips:
1. The mask should be as close to the face as possible to avoid obvious wrinkles;
2. The upper corners of the mask should cover half of the tip of the nose;
3. If the ear-hanging method is adopted, the face mask may be deformed due to large face or ears behind, you can hold the mask to cover half of the face.
Step 2: Keep the semi-covered state and set Face ID.
Tips:
1. If the face of the phone appears to be blocked, you can gradually reduce the amount of dragging while observing the screen until the circular viewfinder screen for face entry is triggered;
2. The mask can be intentionally made to cross the midline of the face slightly, resulting in excessive occlusion, and then gradually reduce the occlusion through the above method to find the critical point. The face unlocked at the critical point state has the highest success rate.
Step 3: After triggering the screen for face registration, keep the relative position of the mask and face unchanged, enter the face by turning the head in circles, or keep the head still, and let the phone rotate around the head.
After completing the above settings, you can try to unlock the phone while wearing and removing the mask.
In addition, because test masks cannot cover all mask types on the market, and each face shape is different, there is a certain probability of failure.
Other questions for this study
Q: What should I do if the unlock is unsuccessful or the success rate is not high?
A: The first step and the second step should be operated strictly according to the description; when wearing a mask, adjust the wire at the nose to make the mask close to the bridge of the nose; the mask cannot be worn too high. At the same time, after the third step of face registration is completed, try to keep the half-facet posture during the entry, unlock two or three times, and then gradually increase the mask area to unlock two or three times.
Q: Can this method only be used on iPhone? Can Android?
A: Android phones generally have both face and fingerprint unlocking functions, just use fingerprints.
Q: Is this method safe? Can someone wear a mask to unlock my phone?
A: From a technical point of view, the feature space of the face above the nose is still rich enough, and even after wearing a mask, some 3D contour information of the nose and mouth can be used by Face ID, and others cannot unlock it at will. However, although we believe that this is a method that can be used temporarily during an outbreak, we cannot guarantee any conditions that may arise after using this method.
Q: Is it okay to use a mask to cover half of the face, but to cover it with white paper?
A: The success rate of this operation will be lower. Because the reflectivity of the paper to the infrared light used by Face ID is different from that of the mask fabric, and the paper is prone to deformation. In addition, this method will cause Face ID to lose all 3D features of the occluded area, thereby reducing security to a greater extent.
Q: After entering with one mask, can I wear another mask to unlock it?
A: As long as the materials of the two masks are not too different, you can unlock them across the masks.
This is not Xuanwu Lab's first research on Face ID. As the main force in the field of biometrics in Tencent's security team, Xuanwu Lab has conducted in-depth analysis of various technologies such as face, voiceprint, and fingerprints.
At Black Hat USA, the world's largest hacking conference held in August 2019, researchers at Xuanwu Lab successfully used a pair of homemade "X-Glasses"-ordinary glasses with black tape embedded with white dots. Face ID.
They found that when Face ID recognizes that the user is wearing glasses, it will automatically skip the extraction of 3D information in the eye area, so only need to find out how Face ID scans the user's eyes for live detection, and the crack can be completed.
Therefore, they used "X-Glasses" to successfully simulate Face ID's human eye identification information, and finally unlocked it.