Fooling sophisticated security systems with a photo

Ever notice how easy it is in the movies to get the better of high tech security?

Every secure room and prison cell has a person-size ventilation shaft covered by an easily removed grate. You can spray fog to reveal laser beams and then contort your way through. For every floor with alarm pressure plates, you can suspend yourself from the ceiling. And, these days, thieves (and viewers) aren’t squeamish about removing body parts to satisfy biometric scanners. Whoever thought we’d see Mila Kunis conceal a severed finger in a lipstick case?

Of course, those of us who know a thing or two about cyber security have the privilege of looking about the theater with a smug it ain’t that simple expression. Not even the lipstick finger would work.

But let’s give moviemakers credit. At least they weren’t naïve enough to cook up fooling airport facial recognition software by holding up a smartphone with a photo on its screen. I mean, that’s just plain silly. Even for Hollywood.

Except, well, hold Kneron’s beer.

Kneron, a San Diego artificial intelligence company, conducted tests to see just what thieves could, in reality, get away with. As I so subtly foreshadowed two paragraphs back, Fortune reported that …

At the self-boarding terminal in Schiphol Airport, the Netherlands’ largest airport, the Kneron team tricked the sensor with just a photo on a phone screen. The team also says it was able to gain access in this way to rail stations in China where commuters use facial recognition to pay their fare and board trains.


But then, airports and rail stations are one thing. Banking is quite another. 


I hope you’re still holding Kneron’s beer, for the same article says that …

… in stores in Asia—where facial recognition technology is deployed widely—the Kneron team used high quality 3-D masks to deceive AliPay and WeChat payment systems in order to make purchases. Those systems, which resemble the ones seen in airports, use a person’s face rather than a PIN or a fingerprint to validate user’s identity. Such masks, in theory, could allow fraudsters to use another person’s face—and bank account—to go shopping.


On the bright side, “high quality 3-D masks” aren’t easily come by. Kneron used masks that were “obtained from specialty mask makers in Japan. But the San Diego-based company notes the technique could be used to defraud famous or wealthy individuals.”

Also on the bright side, the masks that Kneron used could not fool the iPhone X’s face recognition system. According to

Neither a mask nor a photograph could fool even the oldest iPhone with the technology, the iPhone X, during the test. There has been one case when the system was tricked, but Apple has attempted to patent a counterattack that would require some facial muscle movement for verification.

There are, however, times when iPhone X doesn’t recognize the real thing. STEM-focused NFP organization Skeptoid Media’s executive director Brian Dunning recently lamented on Facebook,

My experience has been 70% stoked with how much faster and easier navigation is on the phone, with 30% frustration over the need to type my unlock code so often as Face ID is soooo unreliable, especially when wearing winter gear.

Dunning isn’t alone. Shortly after iPhone X’s debut, Slate reported:

Unlike Beyoncé, we do not all wake up flawless—at least not according to the iPhone X. Several iPhone X–owning Twitter users have taken to the latter (probably using the former) to complain that Face ID—the phone’s facial recognition technology—fails to recognize their face first thing in the morning. Like a drunken one-night stand, the iPhone X doesn’t quite know who they are in the morning light.

For that matter, by now it’s well known that facial recognition software—all of it, not just Apple’s—has its challenges when it comes to non-white skin. Last month the Washington Post reported:

Asian and African American people were up to 100 times more likely to be misidentified than white men, depending on the particular algorithm and type of search. Native Americans had the highest false-positive rate of all ethnicities, according to the study, which found that systems varied widely in their accuracy.

No wonder some iPhone users long for a return to opening their phones with a fingerprint. Except, as I posted last spring, fingerprints linked with Social Security numbers and addresses are readily available on the dark web. 

(To my knowledge, no one has retried the infamous experiment in which a thief hoped that painting his face with lemon juice would make it invisible to security cameras.)

Yet it is only by identifying flaws that we find solutions. The fact that we have facial recognition software at all—not long ago it was the stuff of science fiction—is pretty mind-boggling. The wrinkles will be ironed out.
